Credit: Spamhaus.org

The Latvian government is quite upset with Spamhaus and was not shy about showing it. The spat began when Spamhaus placed a block of IPs belonging to a Latvian service provider called Microlines due to a large amount of spam and DDoS attacks traffic originating with them. Spamhaus said when it contacted the provider with a take down demand they were ignored. They also sent the same requests to the router provider, Latnet Serviss and were also ignored. That’s when they blacklisted the IPs. The government agency in charge of top level domains for the country promptly lashed out when the blacklist caused several national institutions and organizations to suffer an outage.

          “No Internet user should be punished for the actions of another Internet user,” the officials said, adding that Spamhaus is impolite, arrogant, and even rude.”

Their ire is the result of the fact that Latnet Serviss is one of the largest ISPs in the country, but the fact remains that they blatantly ignored the communications from Spamhaus, and what’s more, Microlines has been found to be hosting rogue anti-virus apps, the Zeus and Gozi Trojans, and other malware. Several security firms have come to Spamhaus’s defense and blamed Latnet and Microlines for refusing to deal with the issue.

It’s not yet known if the government has taken any action to get Microlines to comply or when/if the block will be lifted. The moral of the story? If you get a take down notices or abuse complaint, take it seriously and respond promptly!

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Lativa Upset With Spamhaus Over Blacklisting

Here’s a look at the Zeus botnet’s top spam campaigns:

1. An unauthorized transaction billed to your bank account- Although most people should know that if their bank spots a fraudulent transaction they will call you or send you a letter - not email you, this subject line is alarming enough to get some people to open it and wind up getting phished or infected with malware.
2. DHL Tracking number #######- This is one of the oldest campaigns. A variation uses UPS instead of DHL, but in both cases the included attachment has a hidden executable that contains malware.
3. FDIC has officially named your bank failed bank- An obvious attempt to exploit the economic crisis. Too bad the horrible grammar gives it away.
4. Hello- This is why it’s often advised not to send emails this way. Many spam filters flag messages with “Hello” or “Hi” as the subject because of campaigns like this.
5. Notice of Underreported Incomeir- The glaring misspelling gives this away as spam right away.
6. Review your annual Social Security statement- This has been around for a while as well. The scammers are hoping there are still folks out there who don’t know that the SSA sends out your statement via postal mail about 6 months before your birthday each year.
7. Welcome to Friendster- An obvious attempt to exploit a brand. Unfortunately for them Friendster isn’t quite as popular as it used to be.
8. You have received a file from (email) via YouSendIt.- This campaign is banking on people’s natural curiosity to be peaked enough to open it.
9. Your Flight Ticket #####- Delta was one of the more recent airlines to be exploited by this campaign. The scammers are hoping that when someone gets the fake ticket and cheery note informing them that their credit card has been charged over $800 that they’ll be upset enough to not think first and open the attached paperwork, which delivers a Trojan.
10. Your Order with Amazon.com- This is a blatant phishing campaign. Every link in the fake notification leads to a fake Amazon login page. It’s pretty easy to spot though because the total amount due, which is listed twice, is always two different amounts and there is plenty of broken English as well.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Top 10 Zeus Campaigns

Google announced that it has fixed a bug that caused a small percentage of GMail accounts to send the same email messages over and over again. The unending barrage of messages caused some of the affected accounts to be blacklisted by services such as SORBS.net and Backscatterer.org and left users wondering if their computers had been infected with some kind of malware or hacked.

“The problem with Google Mail should be resolved,” Google’s tech support staff wrote. “We apologize for the inconvenience and thank you for your patience and continued support. Please rest assured that system reliability is a top priority at Google, and we are making continuous improvements to make our systems better.”

Some affected users who use GMail for business purposes were embarrassed and left having to explain to clients and colleagues who were no doubt annoyed by the flood of duplicate messages. Google has not provided any details about the bug or what might have caused it, and it’s not known if they provided assistance in getting blacklisted users off those lists.

It’s estimated that about 2.5% of GMail’s roughly 160 million users (as reported by the Wall Street Journal) were affected. That may not sound like much, but it equals about 4 million users whose accounts were turned into mail bombing machines by the bug. That’s a lot of email.

Google probably wishes the timing had been better as the bug hit in the same week they had called a press conference to announce that Google Voice and GMail have been integrated.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

GMail Bug That Turned Some Users Into Spammers Fixed

The folks over at InformationWeek are reporting that the Pushdo botnet has been crippled. Thanks to a combined effort on the part of several security researchers, Pushdo, also known as Cutwail, has had the majority of its command and control servers shut down. Pushdo pumps out enormous amounts of spam, much of it malicious, and is responsible for a massive DDoS against hundreds of commercial and government websites earlier this year.

Compromised computers spew spam.

          “We identified a total of 30 servers used as part of the Pushdo/Cutwail infrastructure, located at eight different hosting providers all over the world,” said Thorsten Holz at cybercrime intelligence service LastLine. “We contacted all hosting providers and worked with them on taking down the machines, which lead to the take-down of almost 20 servers. Unfortunately, not all providers were responsive and thus several command & control servers are still online at this point.”

The shutdowns resulted in Pushdo’s huge flood of spam sharply plummeting.

Is this a good thing? Of course. Will it last? Not likely.

Botnet herders have learned from the McColo shutdown. Their command and control systems have become more complex and widespread so that when something like this happens, they are usually back in business within days rather than weeks or months. Many botnets are not programmed with long lists of domains so that if they try to connect to one and get no response they can move on to the next one and so on until they are able to connect.

It will be interesting to see how long it takes Pushdo to bounce back!

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Pushdo Botnet Crippled

Security researchers say the massive Rustock botnet is currently responsible for 40% of the world’s spam volume. This is particularly impressive considering the number of infected computers under its control has dropped from 2.5 million to 1.3, probably as a result of increased detection by anti-virus software. Still, even with the reduction in size it is still pumping out nearly 50 billion spam messages a day.

Compromised computers spew spam.

Most of that spam is pharmaceutical, hawking counterfeit prescription drugs offered by the infamous group of Canadian Pharmacy websites. The drugs, which are freely distributed without a prescription, are made in India and China and are not regulated or inspected in any way. The group behind the Canadian Pharmacy scams is said to be connected to the Russian Mafia.

Rustock was thought to be using Transport Layer Security to encrypt its spam in an effort to make detection difficult but appears to have abandoned the practice, probably due to the affected it had on bandwidth and processing speed.

The botnet has been thriving since its recovery from the McColo shutdown back in November 2008. When the cybercriminal-friendly ISP had its service terminated by its upstream providers, Rustock went dark, but the herders behind it acted quickly to switch its command and control servers to another host and began developing ways to keep it from depending on a single host, which has kept it from further shut downs. Botnets are now programmed with a list of different domains and IPs to contact for instructions, so if one goes down, a new one can easily and quickly be found.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Rustock Botnet Responsible for 40% of All Spam

Thousands of UK students are furious with the country’s Universities and Colleges Admission Service after receiving an email from them with the subject line “You’ve Been Accepted”. The message, which led students to believe it was an acceptance notice from a university, was actually a spam message advertising discounted HP laptops. This infuriated students, as this is the time of year when they are awaiting their A-level results and scrambling to apply to the limited amount of university openings available. In the UK there are more qualified students than there are spots at the most sought after universities. Many students feel that the spam message was not only misleading, but cruel and in poor taste. The UCAS, red-faced, quickly offered an apology.

A UCAS spokesman said: “We understand and apologise for the confusion this has caused to some applicants, and we are looking at reviewing our quality filters to avoid this type of situation in future.”

It’s not known who approved the message or its deceptive subject line. HP has declined to comment on the matter. This story illustrates how important it is to use care in sending newsletters and other bulk mailings to the customers on your mailing list. A deceptive subject line, even if it wasn’t intended to be, can cause a real public relations headache for your company, and thanks to social networking services like Facebook, your unhappy customers can make themselves heard in a hurry! Avoid wordplay and other attempts to be cute and keep your subject lines and messages simple and straightforward. The old saying, “Keep it simple, stupid!” really is the best policy.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

UK University Service Infuriates Students With Spam

Spammers have begun sending out fake LinkedIn notices that have spam attached to them. At first glance they look like the notices you get when someone wants to add you to their network but they have a linked image attached which is usually an ad for Viagra Cialis and other related types of drugs. The link leads to a site called PathTasty. PathTasty appears to be one of the hundreds of fake internet pharmacies that fall under the “Canadian Pharmacy” umbrella. This isn’t a phishing scam – if you place an order you will get it but it will be a counterfeit version of the drugs you paid for. These fake drugs are made in China and India with unknown ingredients and are completely untested and unregulated. There have been no reports of anyone getting sick or dying from taking the fake drugs but the FDA was concerned enough to issue an alert warning consumers to stay away from these sites.

Canadian Pharmacy has been around for quite sometime now. Its spam is pumped out by the massive Rustock and Mega-D botnets and is run by GlavMed, which bills itself as an “affiliate program” but most security experts consider it a criminal organization. It’s located in Russia however which makes it difficult to track down.

Ironically there is a very legit company called Canada Pharmacy and they are said to be quite irate over the association with Canadian Pharmacy. Canada Pharmacy is a real pharmacy doing business on the net and unlike Canadian Pharmacy, they won’t dispense drugs to anyone without a valid prescription for them.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Spammers Using Fake LinkedIn Notifications

Office supply retailer Office Depot is the latest company to be brand-jacked by spammers. The company says they’ve received many reports of both customers and non-customers receiving fake order receipts for merchandise they never bought. The order total appears to always be the same amount, $151.06.  While they won’t say exactly how many reports they’ve got, company representatives say the problem is wide spread and have issued a warning:

“Office Depot has been alerted that both customers and non-customers have received an unsolicited email confirmation of an Office Depot order that they never placed,” Office Depot spokesman Brian Levine said in a statement. “This message was not sent by Office Depot. We are asking recipients of the email to delete it. Office Depot only sends email confirmation messages to customers who request one at the time that they place an order and this confirmation comes from an Office Depot email account. ”

No other details about the spam campaign have been released but if it’s like similar campaigns that have brand jacked big names like Amazon and UPS, there is probably some sort of attempted phishing attack or malware delivery involved. Presumably the spammers are trying to get people click on a link that leads to a fake Office Depot page, much like the Amazon attack that sent fake Amazon order confirmations included links that led to a fake Amazon login page. Spammers and scammers are getting more and more brazen about using the names of well known companies to trick people into falling for their schemes.

It’s difficult to keep your brand from ending up in a scammer’s campaign so it’s important to make sure you have a strong response strategy. Take any reports of such activity very seriously. Send an immediate take down order to any domain you find hosting a fake copy of your company website and issue warnings to all your customers and vendors. Being proactive is your best defense.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Office Depot Latest Brand To Be Exploited By Spammers

A new spam campaign has begun spreading across the net. Disguised to look like a ticket purchase email from Midwest Airlines, it is an attempt to spread the Zbot Trojan. The email thanks the recipient for using the company’s new “Buy Airline Ticket Online” feature and provides the login details of an account that was created in their name along with the receipt for a purchase of over $800 that was charged to their credit card. It goes on to tell them the ticket is in the email’s attachment.

Of course the feature, receipt, ticket, and charge are all fake and if the user opens it the Zbot Trojan is downloaded and installed.

Zbot is distributed by the Zeus botnet and is a virulent banking Trojan that has stolen millions from bank accounts around the world. Last month alone it was responsible for stealing over $1 million from customers of a bank in the United Kingdom. Once installed it monitors the system and strikes when the user visits a site on its list. These include e-commerce sites and most major banks, credit card companies, and other financial institutions. Once a site is visited a keylogger drops and records the login info, then sends it back to the command and control server. After the stolen information is used to transfer funds from the account to the criminals, a fake statement is created to hide the crime.

Investigators and researchers aren’t sure who is behind ZBot, but given that the C&C servers are located in Eastern Europe some suspect the stolen funds are being siphoned to the Russian mafia.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

New Zbot Spam Campaign Unleashed

Six people, five men and one woman, have been arrested for their parts in a huge phishing ring. UK authorities say that the group has so far stolen over $550,000 and compromised over 20,000 credit card and bank accounts but say the tab could potentially reach over $6 million once they are able to establish the full extent of the operation. The five were arrested in London and County Meath, Ireland by the Metropolitan Police as part of an investigation called Operation Dynamophone.

          “We have taken this action to shut down an organised criminal network running an online phishing and account take-over operation,” said the Met’s Detective Inspector Colin Wetherill.”A great deal of personal information was compromised and cleverly exploited for substantial profit. By disrupting the operation we have hopefully prevented further loss to individuals and institutions across the UK.”

The group sent out fake emails made to look like they came from legit banking institutions in an attempt to trick them into going to the lookalike sites they created and turning over their login info. Once the info was in their hands they went to town cleaning out bank accounts and maxing out credit cards. Detective superintendent Charlie McMurdie of the Police Central eCrime Unit (PCeU) said they are also trying to determine if the gang distributed malware as part of their operation.

          “In high-volume phishing, malware infection goes on,” said McMurdie. “One million emails through various channels and in various forms will get a certain percentage of response.”

The accused remain in custody in London on suspicion of conspiracy to commit online banking fraud and violations of the Computer Misuse Act.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Six Arrested in UK Phishing Operation Bust

A new spam statistics report is out that names the top 10 most spammed states. Let’s take a look:

1. North Carolina-91.3
2. New Hampshire-91.3%
3. Washington-91.3%
4. Utah- 91.5%
5. Illinois-91.8%
6. Tennessee-92.1%
7. Indiana-92.7%
8. South Carolina-93.6%
9. Alabama- 94.4%
10. Idaho- 95.2%

North Carolina, New Hampshire, and Washington were all tied for the 10^th spot while Idaho came in first for the second year in a row. All 10 states had spam levels well above the national average of 89.3%. On the other end of the spectrum, Puerto Rico came in as the least spammed U.S. state or territory for the second year in a row. It’s not known exactly why some states get more spam than others, but it may have to do with state spam laws and advertising regulations.

Some other facts the study revealed:

Most Spammed Industries: Engineering, Construction and Automotive.

Least Spammed: Admin, Public Sector, and Finance.

Most Spammed Countries: Luxembourg, China, Hong Kong, Germany, and The Netherlands.

As far a phishing goes, New Zealand takes the top spot while Japan was the least phished country. A new phishing scam was discovered – this one sent came in the form of emails offering a brand new PDF reader. Overall phishing levels increased with 1 in every 557.5 emails being a phishing attempt, an increase of .02% over June.

The report also found that the Storm botnet has come raging back and is pumping out pharmaceutical spam using URL shortening services. The masked URLs are easier to get by spam filters and blacklists. Storm was once the largest botnet in the world.

Virus levels decreased slightly with only 1 in ever 306 emails containing malware. That’s a drop of .04% from June.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Top 10 Most Spammed States

BusinessWeek has a great article about the FTC and how they’ve evolved to become a fixture in the war against spam and online fraud. They have a server that holds over 314 million spam messages and receives over 200,000 more a day. Investigators analyze the messages in their efforts to track down spammers and prosecute them under the CAN-SPAM law. Successful investigations lead to spammers being fined and sometimes jailed. They’ve also begun moving into the areas of social networking and identity theft.

I wonder though, of all the spam messages they collect what percentage originates from somewhere other than the U.S. Most hardcore spamming operations are safely overseas on bullet proof hosts in countries that don’t investigate or prosecute cybercrime either due to lack of understanding, lack of resources, or law enforcement corruption. Since these spammers can be convicted and fined without having to actually appear in court, yet can’t be made to pay up unless they enter the U.S., it seems such investigations could all be done in vain. Suing spammers doesn’t work well either – they just declare bankruptcy and move on to a new scam. There have been a few cases lately about spammers who’ve gotten themselves pretty hefty jail sentences but again, it doesn’t really work when the spammer is overseas somewhere.

So yes, the FTC is doing a great thing by investigating spammers and holding them accountable under the CAN-SPAM Act, but fighting spam will only be truly effective when all countries do so together and have similar anti-spam laws.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

The FTC gets over 200,000 Spam Messages a Day

The folks over at Softpedia have an interesting article about a new spam campaign being run by the Cutwail botnet. It’s pumping out hundreds of millions of messages claiming to be Social Security statements:

          “Due to possible calculation errors, your annual Social Security statement may contain errors. Open attached file to review your annual Social Security statement,” the rogue messages read. The attachment is an archive file called statement.zip

They come with a zipped attachment that the message claims is the actual statement, but it really contains a variant of the Zbot Trojan. It downloads keyloggers and other malware designed to steal banking log ons and other personal information as well as a rootkit that allows a hacker to control the system remotely.  Zbot is programmed with a list of popular e-commerce and banking sites such as eBay, Paypal, Bank of America and and Amazon and when one of them is visited, the keylogger activates, records the log in info and sends it back to its command and control server.

Zbot has been around for three years and in the last 6 months infections have skyrocketed. The U.S. has been most affected, claiming 75% of all Zbot infections globally. The UK is second.

For the record the Social Security Administration only sends out statements via postal mail. They usually go out once a year about 6 months before your birthday. It’s not surprising that they are trying to use the SSA in their campaign as previous campaigns have exploited the IRS and other agencies.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Cutwail Botnet Unleashing New Malicious Spam Campaign

A new report analyzing spam trends for the first half of 2010 has found that Canadian Pharmacy spam accounted for a whopping 66% of the total global spam volume for that time period. Spam hawking fake designer goods came in a distant 2^nd with 7% of total global spam volume.

Canadian Pharmacy, which dubs itself the #1 internet pharmacy, isn’t Canadian or even a pharmacy at all. It’s run by a Russian cybercrime group that hides behind a rogue affiliate program called GlavMed. The site sells fake versions of well known prescription drugs such as Viagra, Cialis, Vicodin, and Oxycontin, a practice so dangerous the FDA issued a warning about it, as well as fake vitamins and male enhancement products. There’s no actual pharmacist overseeing things and they take and fulfill orders without asking for a prescription. The fake drugs are made in, and shipped from, India and China.

The GlavMed group uses botnets to pump out its spam and has been known to control up to 8 of them. They avoid being shut down by using so-called bulletproof hosts that ignore all take down requests and complaints.

The so-called “Replica Products” spam campaign may comprise only 7% of global spam volume but look for that to rise as the holidays approach. Those spammers will be out in full force hawking fake Rolex watches, Louis Vuitton and Coach handbags, Rayban sunglasses, and more as they try to appeal to cash strapped shoppers looking for bargains. With the economy still on shaky ground you can be sure they’ll do what they can to take advantage.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Canadian Pharmacy Dominates Spam

A new spam campaign has a disturbing twist. The messages aren’t selling anything or attempting to lure the recipients to a malicious site. Instead, they tell them they have only days to live.

With subject lines like “Somebody you call friend wants you dead!” they can’t help but get the recipient’s attention. The message is even scarier. The writer claims to be a hitman hired by one of their friends and says they will be killed within 10 days and are being tracked down by the hitman’s associates. However, it goes on to say, they are willing to make a deal and spare the recipient’s life for $8,000. The instructions are to wire $3,000 immediately and the rest at a later date. The message ends with a warning not to go out after dark.

Fortunately the threats are bogus, and the hitman just another cybercriminal. It’s just a new play on the old Nigerian scam, only they appear to be getting tired of making up stories about lost family fortunes, exiled royalty, and fake inheritances from fake relatives and have turned to simple threats. Pay up or die. It’s unknown how many people have fallen for the threatening scam but one thing is clear, those who do will get more messages with more threats and extortion as they’ve indentified themselves as an easy mark.

The Nigerian or 419 scam (named after the Nigerian criminal code covering it) has been around almost as long as the web itself. Sadly, many people have lost their life savings and a few have even lost their lives after traveling to Nigeria to find their promised fortune.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

New Spam Campaign Delivers Death Threats

A security firm has put together a top 10 most wanted list of botnets. These botnets are responsible for pumping out the majority of the global spam volume which is now at a whopping 230 billon messages a day. Most of them have originated in Eastern Europe which makes the criminals behind them very hard to track down. Lets take a look at the list:

1. Rustock- Responsible for 43% of the global spam volume this is the biggest active botnet on the web. It pumps out millions of pharmaceutical spam messages for the infamous Canadian Pharmacy and others.
2. Mega-D- Coming in second with 10.2% of total spam volume, this is one of the longest running botnets around. It too sends out mainly pharmaceutical spam and gets its name from one of the fake drugs it hawks.
3. Festi- This newcomer is responsible for 8% of the total world spam volume and seems to work in tandem with the Pushdo bot net.
4. Pushdo- This is  a very complex botnet that carries out multiple campaigns and distributes malware as well as spam. Currently responsible for 6.3% of the total spam volume.
5. Grum- This is another pharmaceutical spam spewing botnet, currently responsible for 6.3% of total spam volume.
6. Lethic-Responsible for 4.5% of total spam volume and also acts as a spam proxy.
7. Bobax- Responsible for 4.3% of total spam volume. Pumps out pharmaceutical spam.
8. Bagle- Primarily acting as a proxy, Bagle is responsible for 3.5% of the total spam volume.
9. Maazben- With 2% of the total spam volume, Maazben sends only casino related spam.
10. Donbot-Another pharmaceutical spam spewing botnet responsible for 1.3% of total spam volume.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Top 10 Most Wanted Spam Producing Botnets

It’s really not surprising but it’s disgusting anyway. A new phishing attack is aimed squarely at the victims of the disaster in the Gulf. Emails claiming to be from BP CEO Tony Hayward are circulating on the net. The emails offer a $500,000 “grant” from the company in exchange for some personal info such as their bank account number and social security number, so the email claims, they can deposit your grant funding right away.

Authorities say the emails actually originate in Nigeria. The Florida Attorney General’s office is so concerned they issued a statewide alert about the scam. It’s not the first time scammers have exploited a tragedy and it won’t be the last. After pop legend Michael Jackson’s sudden and tragic death last year, spam campaigns exploiting the event exploded across the net, offering links to “exclusive” videos and autopsy photos. Similar spam campaigns have exploited the financial crisis, the death of actress Brittany Murphy, Swine Flu, the World Cup and other big news events. Holidays are also exploited and we can expect to see Halloween and Christmas themed spam start rising in a few months. Those types of spam campaigns often hawk fake pharmaceuticals and designer goods.

Authorities say while the person or group responsible for the fake BP emails hasn’t been tracked down yet, the United States Postal Inspection Service is investigating. The scammers may have to rethink their scam though as Tony Hayward is no longer CEO of BP.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

New Phishing Scam Targets Oil Spill Victims

Apple has joined Google, Dell, and Yahoo! in the list of companies being sued by InNova. The company claims they, along with 32 other companies, have been using their spam filtering technology without permission for an unspecified amount of years.

InNova claims the patent was granted to mathematician Robert Uomini in 1995. Unomini is credited as the founder in the lawsuit while InNova takes credit as the patent licensing company he went through. The technology is called “System for Adding to Electronic Mail Messages Information Obtained from Sources External to the Electronic Mail Transport Process” but few details have been given about how it actually works, other than the very vague “helps determine what emails are spam and which are legit”. However that hasn’t stopped the company from declaring that if it weren’t for them, the entire email system would fall apart.

          “More than 80 percent of email is spam, which is why companies use InNova’s invention rather than forcing employees to wade through billions of useless emails. Unfortunately, the defendants appear to be profiting from this invention without any consideration for InNova’s legal patent rights,” said patent-infringement attorney Christopher Banys.

The suit lists everyone from Bank of America to Frito-Lay, Dr. Pepper and RIM. It’s not yet known why InNova and Uomini waited so long to sue or why they chose the companies they did. The suit was filed in the U.S. District Court of East Texas. Texas has long been known as extremely friendly to those filing patent suits.

None of the companies named in the suit have yet commented.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Apple Facing Lawsuit Over Spam Filtering

Security experts are warning about a new phone scam exploiting Microsoft. The scammers are making phone calls claiming to be from the company’s tech support department. The fake Microsoft representatives call and explain that critical errors have been detected in the recipient’s operating system and they want to help correct them. To do so they walk them through several “diagnostic” steps, one of which is to download a program from a website the scammer sends them to. If the recipient goes along, they will have given the scammers remote access to their computer. They then turn their system into a zombie, add it to a botnet and start pumping out spam. Some variations of the scam use the remote access to launch a phishing attack, scanning the system for any personal information. A few bold scammers have even demanded payment for their “help”! So far the scam calls have been reported in Australia, the UK, and the United States. It’s not yet known exactly what botnet is behind the attacks.

If you or any of your employees get such a call, hang up immediately. Should someone in your company fall for the scam, take the infected computer off your network and off the internet completely until it can be cleaned out. An even better idea would be to keep computers containing sensitive data such as financials and employee info isolated from the network and internet in the first place. If it’s not connected it can’t be infected very easily.

Microsoft says they are aware of the calls and are investigating.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Phone Scam Adds Computers to Botnet

Hackers hit the Yahoo! email account of Iowa State Senator Bob Dvorsky earlier this month and used it to send phishing emails to everyone on his contact list. The emails were titled “Emergency Please” and claimed the Senator was stranded in Scotland because he had been mugged and needed money to pay his hotel bill and get home. Presumably in an effort to cover all bases, the hackers made sure the emails also mentioned that he had contacted the U.S. Embassy and had gotten no help.

Anyone who believed the message and replied would have received instructions to wire 10,000 pounds (roughly $15,000 US) overseas. In reality however, Dvorsky was safe at home and in no need of any financial assistance. He found out about the scam emails from his friends. He admits that the hackers probably had his password because he gave it to them. Dvorksy said that earlier this year he got an email claiming to be from Yahoo! and asking for his password. He complied with the request.

This scam is nothing new. Last year a member of Britain’s parliament was hacked and just last week I got a scam mail from a friend which was nearly identical to the one described here. The hackers use this trick figuring that a person’s friends will trust that the sob story is true and send the money.

Unfortunately, if people don’t check sources when they get an email asking for their password, phishing scams will remain alive and well.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

State Senator’s Email Hacked