Sue Walsh

Tips on Holiday Greeting Card Spam

The FBI has issued a warning about a new wave of holiday greeting card spam. Scammers are sending emails claiming the recipient has received a holiday greeting card from a friend or family member and asking them to click on a link to view it. The link leads to a malicious website made to look like the page of a popular electronic greeting card site like Hallmark. The site downloads malware onto the recipient's computer. It also directs all network traffic between their browser and the fake page, allowing the scammers to steal their personal information. The FBI offers the following tips to help protect yourself from this and other malicious spam attacks:


Cyber Monday May Also Be Cybercrime Monday

Today is Cyber Monday, the day when online retailers expect sales to peak for the year as shoppers are expected to spend over $800 million this year. As shoppers return to work after the long holiday weekend and log on to find bargains, experts say spammers and scammers will be along for the ride. Last year phishing attacks shot up an amazing 300% at Thanksgiving, and this year is expected to be no different. Spammers and scammers know the weak economy has shoppers wanting bargains more than ever and they will take advantage of it.


Malware Attack Hits Defense Department

The U.S. Department of Defense was hit with a severe malware attack this week. The attack, which originated in Russia, was targeted at the networks in the department’s Central Command, which oversees the U.S.’s involvement in Iraq and Afghanistan. DOD sources say at least one highly classified network was compromised. According to the Los Angeles Times, the malware has been around a while:

          The invasive software, known as agent.btz, has circulated among non-governmental U.S. computers for months. But only recently has it affected the Pentagon’s networks. It is not clear whether the version responsible for the cyber-intrusion of classified networks is the same as the one affecting other computer systems.

The malware is able to spread to any flash drive plugged into an infected computer. The risk of spreading the malware to other networks prompted the military to ban the flash drives.


Spam Levels Likely To Rise As Srizbi Botnet Comes Back To Life

When McColo, an ISP known for being a haven for spammers and scammers, was knocked offline two weeks ago, the notorious Srizbi Botnet went down with it. This resulted in global spam volume plummeting by as much as 75%. Sadly, that’s about to change. FireEye, a threat research firm, has discovered that Srizbi is rising from the dead.

Researchers at the firm have discovered that Srizbi has begun updating all of its bots via its new command servers located in Estonia. New domains linked to the botnet have been found as well, with registrations located in Russia.


Microsoft Now 5th Most Spammer Friendly ISP

Spamhaus has released its latest list of the top 10 spammer-friendly ISPs and there is one familiar name, Microsoft. That’s right. Microsoft sits in the number 5 spot on the list. Why do spammers like Microsoft? The same reason they love Gmail. They know those domains have a highly positive reputation and aren’t likely to be placed on any blacklists. This increases the chances of their spam actually reaching people’s inboxes.

The spam tracking group says spammers and scammers routinely use Microsoft’s Live.com and Livefilestore.com to send spam and redirect visitors to various sites that sell porn and fake drugs.


Nigerian Spammers Net $400K From Woman

If you’ve ever wondered why Nigerian spammers never seem to give up, MaximumPC has the answer - their scam still works! In an article on their site, they report that over a period of 2 years, a woman gave them $400K! She refused to believe she was being scammed, convinced she was dealing with an inheritance from her long-lost grandfather:

          The email promised $20 million to Spears, money which was supposedly left behind by her grandfather whom she and the rest of her family had lost contact with over the years. She states “So that’s what got me to believe it.”


FTC Shuts Down Malware Vendor

The FTC has shut down a known malware and spyware vendor. On Monday a U.S. District Court handed down a temporary restraining order forcing CyberSpy Software to cease selling its RemoteSpy program, which is a keylogger. The company was also ordered to shut down its website.

The program records every keystroke on the infected computer, takes screenshots of the screen and records the addresses of every site visited. It also records all documents opened and logs conversations from a variety of IM programs including MSN Messenger, AIM, Skype, and Yahoo! Messenger. This information is transmitted to CyberSpy’s website where their customers log in to retrieve it. The program also comes with instructions on how to disguise the software and send it via email to their unsuspecting victims. Installation is as simple as clicking on an image. From the FTC’s complaint:

          The defendants violated the FTC Act by engaging in the unfair advertising and selling of software that could be: (1) deployed remotely by someone other than the owner or authorized user of a computer; (2) installed without the knowledge and consent of the owner or authorized user; and (3) used to surreptitiously collect and disclose personal information. The FTC complaint also alleges that the defendants unfairly collected and stored the personal information gathered by their spyware on their own servers and disclosed it to their clients. The complaint further alleges that the defendants provided their clients with the means and instrumentalities to unfairly deploy and install keylogger spyware and to deceive consumer victims into downloading the spyware.


Study Shows Phishers Don’t Really Catch Much

Researchers at Microsoft have discovered that most phishing scams bring in little to no money. Their study blames this on the oversaturation factor. Just as overfishing has caused a deep decline in certain fish populations, the sheer number of phishing scammers seeking maximum returns has resulted in “overgrazing.” The other problem facing them is that the more phishing scams a person comes across, the wiser and less likely to fall for them they become.

          “Phishing appears to be a low-skill low-reward business. The enormous amount of phishing activity is evidence of its failure to deliver riches rather than its success. Repetition of easy money stories without scrutiny makes things worse by ensuring a steady supply of new entrants,” the researchers argue.


Holiday Spam Has Arrived

Security experts say spammers and cyber criminals have already begun sending out holiday spam. The messages hawk fake goods and lotteries, offer info on President-Elect Obama, or tempt job hunters and those worried about the economy with messages made to look like employment opportunities from major companies.

The shopping spam offers fake Rolexes and urges the recipient to start their Christmas shopping early. Similar messages promise a chance to win money for holiday spending. Some of the messages lead to phishing sites, others install malware and turn the recipient’s PC into a zombie machine.


Source of 75% of sent spam forced offline

A web hosting company allegedly responsible for at least 75% of the daily spam volume worldwide has been forced offline, thanks to evidence gathered by security experts. McColo Corp, based in California, had its service terminated by its ISP, Hurricane Electric, earlier today.

Experts say the company hosts a vast community of cyber criminals including spammers, phishers, malware distributors and even peddlers of child porn. It’s also believed that McColo servers hosted the massive Rustock and Srizbi botnets. But will the move really take a bite out of cybercrime? Probably not. The criminals will in all likelihood move their operations elsewhere, most likely to an overseas host. Another ISP notorious for hosting cyber crime, Intercage, was shut down twice last month, and while experts say that closure helped kill the Storm Worm, evidence shows some of Intercage’s clients have set up shop on a server hosted in the Ukraine. As long as there are web hosting firms willing to look the other way, these shutdowns will only be temporary obstacles rather than permanent solutions.