Spam

Honestly, how many times have you won free stuff by clicking on links? And no… those spam, trojan, and spyware do not count as free stuff. We recently found a scam that promises a free iPad to application testers. Apparently, the site lures the person into joining an iPad application testing program while the site owner makes profit from SMS fee charges and affiliation programs. To enroll in the program, “testers” are required to complete two steps. ...

“What are you doing? “To join or to see who invited you, check the attachment.” Hmmm. That looked interesting. After I clicked on it (in virtual environment), Yahoo renamed the attachment from “Invitation+Card.zip” to “Neutral.gif” and gave a warning: Nice work Yahoo.

Toy Story 3 is romping across cinemas Worldwide, and rightly so – it’s the best of the series by far. I thought it might be worth pointing out that being a product aimed at children doesn’t exclude it from internet shenanigans. If you have young children online who are partial to searching for Toy Story material, you might want to warn them about some of the below scams. One of the most popular tactics is advertising the “full movie” on Youtube, but directing the end-user to a bunch of surveys instead: ...

When I was a child, I was fascinated by ATM machines. I had a savings account which my mother would deposit money regularly and I waited for the day that I could raid the account with the ATM card for frivolous spending on console games and fast food. Nigerians have developed a cunning method to transfer millions of dollars to lucky winners worldwide. Yes, it is indeed the humble ATM card. ...

Email hoaxes are nothing new, dating back at least as far as 1994 with what is widely believed to have been the first email hoax—referred to as the “Goodtimes virus” or the “Goodtimes virus hoax” after the subject of the email. The message in the early version was short and to the point, advising recipients not to open email messages with the subject “Good Times” because doing so would ruin their files. This, of course, was not true, but in cases where the recipient complied with the warning, it obviously had the effect of ruining their chances of actually reading any legitimate email messages with that very subject. ...

Spam emails such as the one below have been doing the rounds on the Internet hoping to lure recipients into downloading a Facebook toolbar. If you download the file by clicking on “Download Here”, you’ll see a file with the icon shown below: If you take a closer look at the icon, “darkSector” is shown inside of it. How strange. Is this actually a Facebook toolbar? Let’s take a look at the property of the file since the file looks a bit fishy. In the file properties, you’ll see the following in the Details tab. ...

We want to warn you of an email message in Spanish we’ve received with the subject ( Urgente ) Posible Terremoto y Tsunami con un 89 % de efectividad and that is of course false. The message consists of different images and informs users about an alert of earthquake and tsunami in Chile. Besides, it passes itself off as a warning of National Geographic, in order to make it more credible. ...

Last week we received a mass mailing that at first glance appeared no different from the usual mailbox clutter. The messages were in German and advertised an online casino. Nothing out of the ordinary there – after all, gambling-themed spam is one of the most popular in the German-speaking realms of cyberspace. But after a closer inspection, these messages turned out to be of much more interest – all the links in the messages led to pages created on legitimate sites that had been compromised. The links looked like this: **\*.com/news_.php or *****.com/1500.php. ...

Yesterday evening our spamtraps started receiving the email below in a mass mailing action. The email was immediately flagged as spam even before reaching our spamtraps. No wonder since it has no To:-field, it has a different Reply-to:- than the From:-field and it comes from a DSL line IP address. If the user replies to the email, the return address is set to [email protected]. Nice try, but the email is just to generic to be actually taken seriously by anyone. I expect to see targeted emails in the next days (as we’ve already seen last year). ...

Does anyone really care about opening a zip file to examine an RTF or JPEG file? This task—combined with a dull, unexciting, unstimulating subject line—competes with the content of the email to win a race of worthlessness. Spammers have traditionally used zip files to carry executables, but in most cases the subject line or the content of the message made an effort to encourage users to open the attachment. There are cases of spamming attacks in which HTML attachments opened up a fully functional Web page, capable of carrying sensitive user information back to the fraudsters. However, with this latest spam attack using zipped files, not only have the spammers made an attempt to escape anti-spam filters, they’re missing out on reaching any users as well. The scope of returns for these messages looks to be much less rewarding than other comparable attacks. ...