Spam

…and some of it masquerades as “marketing” and “newsletter” emails. In March 2010, spam continued to account for a high percentage of all email traffic, peaking at 93.6% of all messages. The majority of this spam email was sent using certain tactics that were deployed to hijack unsecured computers and hide the senders’ identity. Recently, however, there has been an uptick in spam “marketing” and “newsletter” emails. These spam marketing and newsletter emails share one significant commonality with “regular” spam emails, which is that they are unwanted email messages sent to individuals who have no formal relationship with the message sender. ...

Microsoft has made the right decision to temporarily turn off Hotmail’s vacation (e.g., out-of-office) reply feature. Flip the switch off permanently, I say. “In our fight against spam, we sometimes have to make hard choices, and we had to make one this week. We discovered that spammers were using Hotmail’s automatic vacation reply feature to send spam from their Hotmail accounts,” Krish Vitaldevara, Windows Live Hotmail lead program manager, blogged late yesterday. I missed the post because of Apple’s iPhone OS 4 launch. I spotted the announcement first at LiveSide about an hour ago. ...

…”click here to view”. Yes, it seems almost anything is a target for money generating survey spam. In this case, we start with a Youtube video: And we finish with this: Even better, these “fill in a survey to see the content” websites now pop up an additional message as you try to leave the page: “Help keep this content free. Please take one minute to complete a SPAM-free market research survey to gain access to this special content.” ...

The National Bureau of Economic Research has previously indicated that the United States has been in a recession since December 2007. What is interesting to note here is that Symantec first reported that spammers were showing an interest in the slowdown of the economy in October and November of 2007, so this begs the question, “Can the focus of spam email be used as an economic indicator or barometer?” Let’s take a brief look at the recession (thus far) by looking through Symantec’s spam folder (a.k.a. the Symantec Global Intelligence Network). ...

I don’t believe it!! This morning I’ve received an email sent by Google notifying me that I´ve won $950,000, so I think this will be the last post I’m going to write 😉 Well, I haven’t taken part in any promotion of this kind and I’ve never heard that Google gives prizes just like that, but I can consider it as if I won the lottery. Here you have the content of the message: ...

The Indian Premier League 2010 is a huge attraction for the cricket-crazy population in India. These matches are packed with all the ingredients to entertain, and are capable of satisfying viewers’ hunger for more and more cricket matches. People are ready to buy tickets in all possible ways just to watch their local and international cricket stars play. Symantec was anticipating a spamming campaign against ticket sales during the initial period of the sporting extravaganza; however, it is just halfway through the event and still not too late to lure email users with offers related to IPL tickets. ...

It was only a matter of time before the merest of “iPad” mentions on sites such as Twitter would result in autospammed messages like this: These bots will fire a message claiming “we need someone to test and keep one iPad” (or simply “Free iPad here”) to anyone discussing the latest gadget to hit the streets, sending you to various promotional sites like the one below: ...

Spammers have decided that in order for Apple to meet sky-high growth expectations from its shareholders, Apple needs to diversify into selling drugs online. The spam looks similar to the following message below: Spammers have setup various hacked sites to redirect traffic to online drug stores. However, the spammers are probably frowning/pouting now as Sophos has once again thwarted their plans.

A friend of mine forwarded a suspicious email message recently. I’ve replaced the domain, order number, etc. below: I validated for my friend that the email was bogus. The domain was not held by Domain Registry of America (DROA), and never had been. The domain was not expiring in the next 90 days. Later he received a follow-up email: The scam attempts to get domain holders to transfer service and pay accordingly. It seems this scam has been around for at least eight years, though it has morphed over time. Apparently the DROA has chosen to test the 2003 judgment by the Federal Trade Commission (http://www.ftc.gov/opa/2003/12/domainreg.shtm). One thing of interest here is the two-staged approach: The first message requires no action by the recipient, but the second message tells the user to obtain and hand over the keys to the castle. ...

Scum on the run Security blogger Brian Krebs is reporting some good numbers that show spammers are no longer registering their domains in China (.cn) since that country started requiring actual on-paper registrations and business licenses, which precludes anonymous registration. AND their new top-level domain of choice, Russia (.ru), is going to make life for sca/spammers difficult there. “Russia’s Coordination Center for domain registration will require individuals and businesses applying for a .ru address to provide a copy of a passport or legal registration papers.” Krebs wrote. ...