This campaign has several layers of brandjacking in it, making it a little more complex than most. Since it seems designed simply to allow the phishers behind it to steal email accounts and doesn’t attempt to install malware on the victim’s computer, it’s not that harmful as far as malicious spam goes.

Why the attempt to steal so many email addresses? Obviously to allow spammers to send out more spam, but it may also be an attempt to gather resources for another attack. Have you ever received an email from a friend or colleague telling you they are overseas, got robbed, and need your help to get home? Chances are they fell for a phishing email like the ones being sent out in this new attack, which allowed the scammers to access their email accounts and spam their contacts.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

OpenID Exploited by New Spam Campaign

Why they work

FUD is used to prey upon a victim’s ignorance, self-doubt, paranoia, and general willingness to believe anything that is negative. Spammers, phishers, and their like use FUD like a blunt object, because it works. This works for any number of reasons. More people tend to be trusting than not, and many more are willing to believe that they did something wrong, or that anyone with the semblance of authority is to be believed. Far too many non-technical users still think that because they don’t work for a big company or have their own website, no one could find them so anyone who does must be legitimate. Our own banks, credit card companies, mortgage holders, large companies, and governments, contribute to the problem by either sending out confusing communications themselves, or worse still, not making absolutely clear what they will and will not send to customers in email. This leads to a situation where a user cannot be sure what is and is not legitimate email, and they tend to err on the side of belief, where they should instead be skeptical by default.

How to recognize them

First things first – If you get an email from a company that you have not done business with, then you should automatically be suspect of the message. That is not to say that you should always trust any message that purports to be from a company you have done business with; only that you should know who you deal with and suspect anything that comes to you from someone you don’t.

Look for some of the hallmarks we’ve discussed in earlier articles in this series, especially links. Mouse over them without clicking on them, and see if what appears in your status bar, or in pop-up text, matches what is in the email, and that is seems to go to the business website.

Requests for personal information are almost universally a sign that the message is bogus, and if it is legitimate, the company should know better. Anytime you are directed to log onto a site and update your information, consider it a scam.

The more urgent a message seems, or the more emphatically it directs you to action, the more likely it is to be a scam.

What you should never do

1. Never click on a link in any message like this.
2. Do not reply to any message that you suspect may be bogus.
3. Do not forward any message that you suspect is bogus.

What you should do if you still aren’t sure

If you want to make absolutely certain that a message is fake, you can do one of two things. You can either call the company directly, or visit their website. DO NOT trust any phone number or URL that is contained in the suspicious email. If you really do have a relationship with the company that the email is allegedly from, go get your invoice or monthly statement and find the phone number or URL printed on that. If you don’t have that, use your favourite search engine to find their phone number or website. If you do have an account with the company and they really did need you to do something, either the customer service representative you speak to will have that information on the screen in front of them, or you will get a warning about what is required as soon as you log on.

You might also use your search engine to check to see if anyone else has reported a scam. Search for the name of the business and the word scam or fraud to see what results come up. You can also visit sites like http://www.hotscams.com to search for the name of the company to see if there are any reported scams that look like the message you have received.

A healthy degree of skepticism is critical in this day and age when anyone in the world can send anyone else an email that purports to be from anyone else. Reputable companies know the dangers of FUD, and will never send you an email requesting personal information, or that contain links to websites other than their own. Keeping always in mind that scams abound, you should be ready to recognize and to handle (that means delete) any scam message that gets past the filters and into your inbox.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Let’s Talk About Spam – FUD

Newt 2012, the organization behind the now defunct presidential campaign of former House Speaker Newt Gingrich, is showing a truly ugly side of itself. It’s no secret that presidential campaigns require a lot of money, and Gingrich’s was no exception. Even before he pulled out there were claims that it was struggling for money and seriously in debt. Those claims have been confirmed – they owe over $4 million.

Now that the campaign is over, guess how they’ve decided to make some fast cash?

By selling their email list to spammers. The list, which contains the names and email addresses of people who donated or otherwise supported the campaign, is being offered to any spammer will to fork over some dough. By doing this, they have made it clear their privacy policy is full of lies:

“We are committed to protecting your privacy online.”

“We may also use your email address to provide you news and information about Newt 2012. We may also…send you email messages about upcoming events or activities in your area.”

They are also engaging in a shady practice known as email appending:

““Email appending”…refers to taking known demographic information and using various methods to determine an email address for the purpose of adding people to a list or otherwise sending them email messages.”

In other words, even if you did not give the campaign your email address when you made a donation, they can find it and add it to their list anyway.

Let this be lesson to you about how NOT to do business. It doesn’t appear that what they are doing is in violation of the CAN-SPAM Act (although it should be), doing either of these things is a really great way to anger customers, damage your reputation/brand, and get you on spam blacklists, among other things.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Spammers Love Newt Gingrich

In today’s post, we’re going to take a look at some actual spam messages to help you get a feel for what spam looks like. We’ll point out some of the obvious characteristics, as well as some of the more subtle traits that tend to be common amongst spam, to help you get more familiar with identifying it yourself. Once you know what to look for, spotting spam becomes less like “Where’s Waldo” and more like spotting the wolf amongst the sheep. Once you know what to look for, it’s hard to believe you ever missed it.

Who is that?

Unless you make it a habit of giving out your email to every stranger you meet, treat any email that comes from someone you don’t know as suspect. This doesn’t hold true if you are the contact person at your work, but for your personal account, don’t assume you have to open every message sent to you. If you don’t recognize the sender, it’s probably going to be junk.

Open attachment

Any email that contains nothing more than an attachment, and maybe a short one liner telling you to open the attachment to read the important message is not only spam, it may well be malware. Delete these without opening the attachment, and if you did open the attachment even though I warned you not to, make sure to run a full anti-virus scan immediately.

Dearest friend

Not too many people speak like that, except for those scammers who are trying to get you to help them smuggle unclaimed funds out of their country, or are appealing to you to donate to their worthy cause.

藥品全.面瘋狂贈​

Unless you actually read the language, it’s a safe bet that any messages that arrive in your inbox with subjects or senders that look like this are probably spam.

me

Odds are, if you email yourself something, you’ll remember it. Anything else that looks like it came from you to you is from someone spoofing your email address.

RE:

If you see a message with the subject line starting with RE: you will probably think it is a reply to an email you sent. Think about it though. Do you recognize the sender and do you remember sending an email with that subject? If both of those answers are no, hit the delete key.

Big Government Entity

Spammers often pretend to be a governmental agency to get you to open their messages. Law enforcement and tax authorities are often spoofed. If someone from the FBI was going to email you, it would probably come from some username @ fbi .gov, not FEDERAL BUREAU OF INVEST. and would likely be in response to an email you sent. Look at the sender and the subject line, and ask yourself if it even feels a little bit legit. Odds are you’ll be hitting the delete key and you’ll be right to do that.

Big Corporate Entity

Same thing here. You just aren’t going to see legitimate emails from COCA COLA COMPANY or WALT DISNEY WORLD as the sender.

You may already be a winner

And you may already know what to do with any message that promises winnings from some contest you never entered.

Blessings to you

Should be immediately followed by deleting by you. Many of the phishing scams out there start with some benediction because hey, anyone nice enough to start an email that way must be honest, right?

ANYTHING IN ALL CAPS

This is almost universally equated on the Internet with shouting at the top of your lungs, and it’s just not going to be something legitimate email is likely to have.

no subject

Most mail clients will warn the user before they send a message with no subject, but no spammer program will. If the message has no subject at all, it is almost certainly spam.

While none of these are 100% absolutely and without exception guaranteed to be the hallmarks of spam, each and every one of them is something you want to watch for, and be suspicious of any email you receive that falls into one of these categories. The best thing you can do is approach your inbox with a healthy bit of skepticism, and err on the side of caution.

I’m sure some of you are wondering why I left off your favorite spam warning sign. Please, share the best with the rest of us by leaving a comment below!

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Let’s Talk About Spam – The Worst Offenders

Spammers are now looking at new targets to help them replace that lost income. Along with increasing efforts on social networks, which they’ve been pummeling steadily for the last few years with various phishing and likejacking schemes, they’ve also been fine tuning their black hat SEO techniques and focusing on the newest player in the spam game-mobile devices. SMS spam has started to rise and in some countries has already become a huge problem.

Does this mean your inbox is safe? Not really. The spam that’s still being pumped out is more highly targeted and sophisticated. Spear phishing attacks have seen an increase, as have campaigns featuring malware ridden spam messages. Some of these campaigns feature the Zeus Trojan while others offer lesser known variants. All are designed to steal log in info and bank/credit card details. The spammers could be harvesting such info with the intent to sell it, or to make a quick buck. It’s also possible that they are trying to create new botnets or repopulate older ones, but the huge audiences on social networks continue to be the most popular targets. One out of every 60 messages posted on Facebook and one out of every 100 tweets on Twitter are spam.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Cybercriminals Leaving Email Spam Behind

Most people wouldn’t find this surprising at all because of the assumption that India is a base for cyber criminals intent on ripping off the hard working public.

But if this were the case, why did India unseat the United States for this honor?

It might be because the number of computers in India has ballooned over the years. In fact the Deccan Herald reports that the number of computers in urban India has doubled over the past three years to 28 million.

That means at least 14 million new computers are in the homes of people who haven’t had much experience using them before.

These naïve new users are just the kind of targets spammers are looking to manipulate; and it seems to be working because most of these spam messages come from “domestically hijacked PCs”.

Spam isn’t going anywhere

Despite being constantly told that spam is declining numbers like these show us that spam really isn’t going anywhere, anytime soon.

As computers become more accessible, spammers, and other cyber criminals, will find new victims to take advantage of. These victims often come from economies that have seen a sudden growth over the last few years. Take, for instance, some of the other countries that have found themselves on this list:

• South Korea
• Indonesia
• Brazil
• Pakistan
• Vietnam
• Poland
• Peru
• Taiwan

Of course countries like the United States, Russia and Italy remain on the list as well.

What does this mean for the fight against spam?

In addition to having a much larger threat landscape as a result of all the newly connected computers, the bad guys are dealing with a new crop of computer users who haven’t been taught how to avoid spam and malware. These potential victims will continue to add zombie computers to help rebuild the fallen botnet armies and establish newer one as well.

But it doesn’t have to be this way. As a matter of fact, each new computer user that plugs into the Internet for the first time offers the good guys a chance to start with a clean slate, a tabla rasa when it comes to doing the stupid things that make it easier for spammers to flourish.

So just what are the things we would like to see ingrained in these fresh minds? Take a look and see:

1. Get them used to creating strong passwords right from the beginning to make it hard on the bad guys.
2. Understand that anti-malware scanning takes time but it still needs to be done daily.
3. In addition to scanning for malware, they need to know that the definition files need to be updated constantly. This too takes time but it has to be done.
4. Don’t click on links that you don’t trust. Even if you do trust them, be extremely cautious.
5. If your computer becomes infected with malware, change all your passwords immediately after cleaning your computer.
6. Don’t sign up for free stuff. Punching a monkey will not get you a free iPad or Xbox. Coupon sites are dangerous also. Most of them will flood your inbox with targeted spam because you filled out a pretty detailed questionnaire.
7. Don’t post your email address all over the web. If it is listed on a website you will get spam sent to you.
8. Use a throwaway email address for registrations. Never use your good email to sign up for stuff online.
9. Teach your spam blocking software what junk mail is. The more you identify spam, the smarter it becomes.
10. Keep your work email and personal email separate.

Who knows, maybe if enough people are taught how to avoid spam, malware and phishing from the beginning we can really see some significant reductions in their numbers.

Did I forget a tip that you know of? If so, be sure to mention it in the comment section below!

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

India is the New Spam King – What Can We Do About It?

Coming on July 9, “Internet Doomsday”, as it’s been dubbed by the media, is the day when countless Internet users will be disconnected from the lifeblood they so desperately need to friend people, like (but not unlike) things, make deep and lasting statements in 140 characters or less, tend to virtual farm animals, fire angry birds at things (question: why are they angry? One might presume it’s because we fire them at things, but you have to remember that they were angry before that) and generally get their fill of free porn, dubious accounts of movie stars, and as many uncorroborated facts as people care to digest. Simply put, Internet Doomsday is the day when the ultimate payload of a five year-old Trojan comes crashing down.

The case of DNSChanger came to a satisfying end last November when the FBI, in partnership with law enforcement agencies that included cops in Estonia, carried out a bust dubbed Operation Ghost Click, only the coolest nickname for a criminal operation, like, ever. DNSChanger, which has been around since 2007, spread itself widely through spam e-mail, while infecting millions of computers and netting the spammers untold riches in advertising revenues. Basically, when it delivers its payload, DNSChanger modifies the DNS settings of the infected system so that legitimate URLs are redirected to malicious sites designed to steal information and earn ad revenues for the scam artists.

Operation Ghost Click saw two data centers and hundreds of C&C servers in the U.S. shut down on November 8, while six Estonian scumbags were carted off in handcuffs; but the hard work of law enforcement continued long after the bust. The FBI had to put something in the place of DNSChanger’s servers – a legitimate redirect service so that infected systems could continue to operate. As indicated on GFI Labs, July 9^th is the date when law enforcement pulls the plug on the clean DNS servers. After that, users who weren’t aware that they were infected – and there will be many – will have to deal with the unfortunate reality of virtual crops wilting away, and they will have to figure out why the Internet connection thingy ain’t working so good no more.

That’s why the FBI and other agencies have put the word out. The hope is that people will learn of the impending doom on July 9^th and have their systems checked.

To learn more, head on over to the FBI’s site. You should direct as many users as you can to that site and to the DCWG’s site (http://www.dcwg.org/detect/), where you can choose a URL from the provided list to determine if your DNS is being routed properly. There’s even a section that lets you manually check your system for infection. If no infection has been detected, users can promptly get back to liking things and firing angry birds at them. If, however, a user’s system is having its DNS re-routed, then users should follow the advice at DCWG’s site, or contact their ISP right away.

It is not recommended that users write 140 character diatribes lamenting that their world is about to end on July 9^th. Tell them to write about something happy, like Brangelina and those six lucky kids. Me, I’m still trying to get them to adopt me.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Doomsday Coming July 9, Mayans Disagree

“Defendants are using anonymous gmail.com email accounts and have sent five or more emails to hundreds of AT&T employees located in the aforementioned call centers. These emails are being distributed via internal AT&T email distribution lists. As a result, AT&T has been forced to reconfigure its email distribution systems, perform scans for malicious programs, and install electronic safety measures – all of which resulted in damage to AT&T’s computer systems,” the complaint states.

It’s not clear how reconfiguring their email, running an anti-virus scan, and installing security software (shouldn’t they have had those to begin with?), could possibly damage their systems, but the company says the spammers, who used Gmail accounts and pretended to be various AT&T management officials, sent messages to the various call centers announcing fake dress code changes, fake call center closings, and even a fake emergency evacuation.

“AT&T claims the emails have disrupted services at its call centers and have “affected AT&T’s ability to provide services to its customers. This disruption in service has resulted in additional customer service costs as well as increased overhead costs as AT&T was required to compensate its employees for significant non-productive time.”

What does seem clear is that the person or persons behind the spam have a definite grudge against the company and may be a disgruntled employee or former employee. The complain stated one of the Gmail account names was “”ImTooUppityForThisJob,”

AT&T plans to subpoena Google to find out the identity of the spammers. They are seeking damages under the  federal computer fraud and abuse act.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

AT&T Sues Gmail Spammers

When emails proclaimed:

• URGENT
• Save money on XXXXX
• Viagra without a prescription
• You have won $150,000,000 in the European lottery
• Request for assistance in a financial transaction

They usually went right to the digital garbage can.

When the anti-spam solutions started using Bayesian filtering on the message content as well as the subject lines, the spammers had to step up their game and started becoming a bit more creative. Subject lines of this era switched from legible words to things like:

• DeerpessionMayBbirngBrgihhtAndHaappyMonothsOfYourLifeeToNotihngEassily
• b00bs
• Vi@gr@
• Repl1k@

Of course, this worked (for a while) against spam filters but most people recognized the feeble attempt to put one by them right away. Like their predecessors, many of these emails wound up in the trash.

Fast forward to the modern day when spammers aren’t the smartest guys on the block. Anti-spam solutions are built that can stop malicious and unwanted email before it infiltrates inboxes based on message headers, subject lines and the content of the email itself.

People are much more aware of spam as well. At one time unsuspecting victims may have fallen for the 419 Nigerian email schemes or promises of enlarged anatomies, but those days are waning as well. Victims are becoming harder and harder to find.

So of course, the spammers are changing up their methods once again. And one of the biggest changes can be seen in the subject lines of the messages they send.

While they still rely on trickery and urgency, spammers today have started using scare tactics instead of the hard sell.

In recent months the subjects most commonly used by spammers are as follows:

The fake order

Your Order N23242 or simply Order N23242 have begun to grace email inboxes worldwide. The message simply instructs the recipient to click on the enclosed link to view the license to a software product, usually an Adobe package.

If you didn’t order any software this should clue you in right away that this email: 1) either wasn’t meant for you or 2) this email is spam.

But people click on the link and instead of a free copy of the software their computer is infected with some nasty malware.

Speeding tickets

Usually a FWD: or RE: accompanies the subject Uniform Traffic Ticket along with an ID number to make everything look official. When you open the email you will see that a police agency, usually the State of New York, has charged you with a traffic violation. If you click the link, you can read and fill out the necessary form.

People who are afraid to lose their license have been known to click that link without a moment’s hesitation – even if they have never been to the state issuing the violation.

Airline tickets

With airline security so tight nowadays, there is no way someone could board a plane with someone else’s ticket. It just doesn’t happen.

So why would a person who received an email regarding Your Flight Order N969-4491687 (or some other bogus number) feel compelled to click a link where they could download and purchase their tickets if they never purchased them in the first place?

Those who do are almost immediately infected with the Blackhole exploit kit that allows malicious hackers to do some pretty nasty stuff to their computers.

Package delivery

What’s worse than the delivery person confessing that they are actually a Land Shark? When an email claims to contain a link that allows you to track a package.

People order so much online these days that package tracking is common. Add to this the fact that if someone sends you a gift, you may also receive information to track the package.

This legitimacy has made it harder to detect this type of spam so even people who are aware and diligent have fallen victim.

Tax season

The IRS had made attempts over the years to put on a friendlier face, but people in the US are still afraid to receive any type of notification from them.

As a result, emails sent with subject lines that read FRAUD ALERT for ACH, IRS required new EIN or IRS Tax report catch people’s attention.

Not only does this effectively scare people, but unlike some of the other examples, there is no way to determine if this is true or not. The only options anyone who receives an email like this has, are to either ignore it until they receive something in the mail or contact the sender by phone to determine the message’s legitimacy.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

5 Popular Spam Subject Lines You Need to Know

Is your spam email giving you problems? Whatever your spam’s behavioral problems, worry not, because the DMA has some sagely advice for you: hit it on the nose with a newspaper.

Okay, so that’s not really their advice, but in their recent white paper entitled Email Deliverability Review, the Direct Marketing Association (UK) Ltd. and Return Path do have some advice about how to tame that email message so that it doesn’t get flagged for bad behavior, explaining that

the document was written “…for the email marketing programme owner who has realised that their broadcasts are starting to experience delivery problems, and are trying to identify why this may be the case.”

In case you missed it, the preamble above can be boiled down to a simple statement: this guide will help you get around spam filters. If you doubt that statement, read this cleverly crafted sentence:

“With most major ISPs now implementing inbox placement prioritisation techniques, [read: spam filters] a new set of behavioural metrics [read: spam filter workarounds] are becoming increasingly important within the realm of email deliverability.”

Needless verbosity aside, one really cannot fault the DMA for trying to help direct marketers reach their target audience, but there are those who believe that spam is spam.

The white paper delivers several key messages:

“The factors that influence email deliverability are starting to change. Instead of focusing their efforts on punishing ‘bad’ email, ISPs are now considering how to reward ‘good’ emails.”

This is an interesting point. I’ve never thought of unwanted email as a puppy before. The document goes on to state that:

“over the past few years, the emphasis on email deliverability has changed substantially. Previously, the key question was a fairly simple one – “Why are my emails getting blocked, and what can I do to make sure that they don’t?”

I’d be pleased to answer the first question. The reason they’re being blocked it because they’re unwanted. As for the second, that is the million dollar question, isn’t it?

Now, just so we’re clear, the paper does state its focus to be on “permissioned email activity” and that in their attempts to block the bad, the good isn’t getting through.

“…there has been something of a sea change in the way that ISPs and spam filter vendors have been dealing with unsolicited commercial email. The primary reason for this change in emphasis has been because of the massive volumes of spam that Internet Service Providers (ISPs) are attempting to deal with…The challenge for ISPs is to be able to identify (and eliminate) this volume without incurring collateral damage and preventing permissioned email activity.”

The problem becomes this: who’s to say what is permissioned and what isn’t? It may sound like a simple question with an even simpler answer, but anyone living in the realm of reality is well aware of how easy it is to find oneself on a mailing list. In fact, obtaining a copy of the DMA/Return Path report requires  exchanging an email address…it’s worth wondering if forking over an email address to the council that sees itself responsible for direct email marketing will get you a boat load of spam.

The report sees the challenge as being:

“far more concentrated on achieving email delivery to subscribers’ inboxes. Recent research by Return Path shows that average inbox placement rates currently stand at 76.5% globally, and at 84.5% for Europe. In broad terms, one out of every five emails is not being delivered to the inbox.”

The problem seems to be with sender reputation, spam filters and blacklists, to highlight a few of the things the white paper hopes to pinpoint. While there’s no doubt that those bad spammers (is that an oxymoron?) out there will try to misuse the information presented by this paper, the white paper is clearly trying to do some good by helping qualified mailers. Some of the advice it offers:

-          Strengthen the permission mechanisms using methods like double entry of e-mail addresses and validation e-mails

-          Authenticate the sender’s e-mail addresses through a variety of means, including registering a subdomain specific to the e-mail activity

-          Senders should monitor their online reputation

-          Senders should manage their IP addresses

-          Senders should monitor complaints and take measures to reduce complaints

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Bad Spam! Bad!

Filipiak got so sick of being spammed that he started clicking the unsubscribe links in every junk message he got. The result?  More spam than ever. Spammers rarely honor those links. Instead, they’re there to let spammers know if they’ve got a live one or not. When they get an unsubscribe request, it tells them that address is active and that the person who owns it reads spam. To spammers and phishers, that’s gold.

But wait! According to CAN-SPAM regulations, all commercial emailers are required to include unsubscribe links or instructions in every message and honor all unsubscribe requests, right? Right, and legit companies do remove people who request it. The problem is spammers have taken that requirement and exploited it for their own gain. CAN-SPAM is meaningless to most hardcore spammers, especially those who don’t operate within the U.S. This could cause problems for legit companies if users start to believe that ALL unsubscribe links are bad. These problems could range from having your company website or Facebook page frequently pounded with “remove me!” demands, or complaints filed against you with your ISP or webhost.

The unsubscribe requirement of CAN-SPAM has been broken by spammers and a new solution is needed. Do you think the unsubscription requirement can be met in a way spammers can’t exploit it? If so, how? Leave a comment and share your ideas with us!

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

To Unsubscribe or Not Unsubscribe? That Is The Question

Senders

Your email is, at the end of the day, yours. When you think about all the email that is in your inbox each morning, give a quick glance at all the messages that are in there. Look at the column that lists who the email message is from. Odds are, if you don’t recognize the sender, it’s spam. That’s not a 100% effective test, since you may not remember everyone by name, or you might be getting email from a company representative, but this should be the first thing you consider. If you don’t know who is sending you the email, that should be strike one.

Be careful though. Just because you do know the sender, doesn’t mean the message is guaranteed to be safe. Many spammers will try to fool you into opening their messages by using names you would know, and some malware will read an infected computer’s address book to send copies of itself to others, hoping that the recipients will open the message since it comes from someone they know. Don’t always trust everything from someone you know any more than you should automatically delete everything you get just because you don’t know the sender. But if you don’t recognize the sender, be suspicious.

Unless you speak a foreign language, senders with foreign characters in their name are very likely to be spam. Sender addresses with numbers in them are another red flag. Even companies you have heard of, if you didn’t sign up for their mailings, are probably another red flag. Reputable companies will only send you email if you sign up for it. It’s called “opting in.” But disreputable companies and spammers will use other companies’ names to try to trick you into opening their messages.

Sometimes companies will send email and the “from” address will be their name, but I have never seen a legitimate email where the “from” sounds like a subject line. If they do, odds are good the mail isn’t.

Here’s a test. Look at the following and see if you can spot the spam:

Yes, every single one of them is spam. eHarmony and the University of Phoenix are both reputable companies, but I have never signed up for either of them.

Subject lines

Read the subject line before you open the message. Odds are good that you will be able to spot the spam immediately just by looking at the subject line. Usually the product being shilled is listed, or the subject line has strange spelling or grammar. If you see numbers or strange characters where vowels or consonants should be, it’s another sure sign that the message is bogus. And anything that says something like “open the attachment to read an important message” is a huge red flag that should be deleted immediately. That’s a very common way to fool you into opening an infected attachment.

Spelling misteakes and bad grammer (see what I did there?!)

If you see poor spelling, strange grammar, or unusual phrases in an email, once again, it’s a sign that the message is not legitimate. If you do communicate regularly with people using a language that is not their first, don’t beat up on them for the occasional error, and be tolerant of kids (and others) who use shorthand spellings, abbreviations, and slang, but no legitimate business is likely to send you an email full of spelling and grammar mistakes.

Requests for personal information

No legitimate business anywhere in the world will ever ask you for confidential information in an email. Anytime you receive a message that asks you to reply with any kind of sensitive or personally identifiable information, like your physical address, your account number, or your password, hit delete immediately.

In our next post we’ll look at some of the worst offenders to help you feel more confident about identifying spam.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Let’s Talk About Spam – How to Identify Spam

In an effort to fight spam, the Internet Service Providers’ Association of South Africa
(ISPA) has been maintaining a Spam Hall of Fame.

Started in 2008, the list is regularly updated, and last month 64 spammers and 34 email address resellers were awarded the dubious honor. The organization says getting on the list has actually prompted some spammers to change their ways and agree to adhere to the ISPA’s guidelines. In return, they are removed from the HOS. Here are some of the  latest list spammers to be inducted:

Dynamic Seminars

New Heights 1268 / Jaco Derksen

SA Webs (not SA Web Design)

Ketler Presentations

Brain Power

Worldclass Mobile aka Marketing House

World Class Products

Kaleidoscope Advertising and eMarketing

The Peer Group

The SA Consumer Initiative

While I think this is an admirable undertaking, I’m not sure it really does much good. Sure, a legit company that found itself on the list would likely be very happy to change their ways so they would be removed, but I’m willing to bet the vast majority of the companies on that list are true spammers and couldn’t care less. After all, even the threat of prosecution and stiff fines promised by anti-spam laws doesn’t deter most spammers. They’ll keep right on pumping out their junk and profiting off the 1% who still click on their links despite all the warnings they’ve been giving.

How do you feel about the Spam Hall of Fame? If you were in charge of such an undertaking, who would you induct? Leave a comment and share your thoughts!

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

South African ISPs Release Spammer Hall of Shame

New Phishing Campaign Targets Military Members:
http://www.spamfighter.com/News-17663-Fresh-Phishing-Campaign-Involving-Spoofed-E-mails-to-Military-Members.htm

UCLA Hit With Spam Attack for Fake Social Network:
http://today.ucla.edu/portal/ut/it-neutralizes-email-scam-for-232340.aspx

Street Signs and House Numbers Used as CAPTCHA Images:
http://www.slashgear.com/street-view-signs-and-house-numbers-get-used-in-recaptcha-30220700/

Malicious Spam Attacks Are Increasing:
http://www.virusbtn.com/news/2012/04_11.xml

Google to Millions of Webmasters: Your Site’s Been Hacked by Malicious Spammers:
http://www.zdnet.com.au/google-to-warn-millions-of-webmasters-339336278.htm

Have anything to share about any of these stories or know of any other story we might have missed? Please leave a comment!

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

April Spam Roundup

One of the problems many people have when dealing with spam, phishing, and malware, is that they don’t really understand why they should care. Spam seems like a problem for companies to deal with, and not something an individual should even care about. Our goal with today’s post is to help you individuals to understand just why you should care about spam, phishing, and malware.

When spam hits your mailbox, it’s usually just annoying, that is, as long as you can recognize it for what it is. Spam is like those late night infomercials, the third class fliers and circulars that hit your real mailbox, or the bulletin boards along the highways. They all are trying to get you to part with your hard-earned money, and they will do just about anything they can to convince you to spend. If they succeed; if you go ahead and click the link and fill out the form to make a purchase, the best you can hope for is that you will continue to receive even more spam in your inbox, since you are now considered a “live one”. At worst, you may have provided your personal information, including your credit card details, to a malicious individual whose goal is to rip you off.

Often it is very difficult to tell the difference between spam, and the more dangerous phishing message. Both are intended to get you to click on a link and submit your personal information with the goal of stealing from you. Whether what they want to steal is simply your contact information for more targeted marketing, or your financial details so they can steal money, is not something you want to put to the test. People who fall victim to phishing attacks can lose more than a few dollars. Their credit rating can be damaged, and identity theft is something that can cause problems for years.

Malware can be the worst of the lot, and have the most immediate impact. Malware is any kind of software that is designed to do something you don’t want it to. There are several different names for malware, including virus, Trojan, and worm, and there are different ways your computer can become infected. Opening attachments in emails is the most common way, but often times your computer can become infected when you visit a website built to host malware. Spam and phishing messages don’t have to include attachments to infect your computer. The links they include are often to web pages that include malware. Clicking one of those links can be as bad as opening an attachment. And what happens when your computer is infected with malware?

If you’re lucky, all it means is that your computer will now start sending spam out to your friends, your family, your co-workers, and a million perfect strangers. If you are not as lucky, it will start searching your computer for financial information like credit card numbers, bank account numbers, and other juicy bits of information. Or maybe it will start recording your every key stroke, grabbing your passwords and sending them on to the authors of the malware. You really don’t want them to be able to log onto your bank, do you?

Most credit and debit cards offer limitations on liability from fraudulent transactions. Purchasing online from reputable companies is safe and secure, and not something you should worry about. However, the amount of effort you may have to go through to file a claim when you fall victim to a scheme is enough that you must take this threat seriously. Your credit rating, your identity, and your bank account could all be at risk should you click on one of the links in a spam or phishing message thinking “what’s the worst that could happen?” The worst can be very bad indeed.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Let’s Talk About Spam – Why Should I Care?

But what about a law like the one in Danville, Pennsylvania that mandates all fire hydrants be checked one hour before all fires? The intent of the law is well-meaning; they want to make sure that the fire hydrants will work so firefighters can quickly extinguish the blaze. But good intentions aside, the law is still useless.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Are More Anti-Spam Laws Needed?

We even assume that they make bags of money on the backs of little old grannies living off fixed incomes, and even hard-working people like you and me. We imagine that they live lavish lifestyles that make most of us tremendously jealous and permanently resentful because the pockets of honest, god-fearing taxpayers fund it all.

But do they make money? Stop and think about it for a second. It’s not like you can pick up the yellow pages and flip over to ‘Spammers and Scammers’, trace your finger down the list to ‘ACME Spamming and Male Enhancement’, dial the number and ask in the most respectful Yoruba you can muster, “hey, how much are you making peddling fake Viagra?” (as an aside, it would be pretty funny to call a spammer, tell him you’re from Microsoft, and try to help him fix his system’s security).

For obvious reasons, you can’t survey the spammers, so for the most part we have to rely on empirical data. The problem, of course, with empirical data is that we often don’t have all the facts. On a corporate level, many businesses don’t want to let it slip that they got caught with their pants down, especially if the business is publicly traded and relies on stockholder confidence. On a consumer level, many people are just plain embarrassed to have been scammed, get told by law enforcement that there’s nothing the cops can do, or correctly assume that they have no legal recourse and don’t bother reporting it. So, for the most part, we don’t really have reliable data to go on and have to make a lot of assumptions.

Terry Zink, one of my favorite people and spam guru extraordinaire, recently penned an article on the subject. Entitled How much money do spammers make?, Terry’s article discusses his own skepticism at attempts to apply a number to the problem, and how a recent study by several PhDs at UCSD changed his mind on the subject.

The basic premise is that crime pays. “Well, duh!” you say, but we didn’t really know whether spammers are making any money. One could assume, of course, that they wouldn’t continue to peddle their wares unless there was some money to be made, and as the UCSD study reveals, one would be correct.

The researchers “reversed[sic] engineered the algorithms that spammer merchants use when they ship products (which, btw, contain mostly the correct chemicals that go into the real products).” In doing so, the researchers were able to calculate “how many orders they were processing and [multiplied] by the average price.”

In one example, Eva Pharmacy, an online purveyor of – what else? – Viagra (also referred to as a ‘men’s health’ product and even a ‘women’s health’ product, i.e., Viagra marketed to women – who knew?) is pulling down $2.4 million a month. Now, Eva Pharmacy skirts the boundary of what’s considered to be illegal, and as Terry points out, they happen to be one of the online pharmacies actually selling real product – that is, the pills they purvey contain active ingredients, unlike some other online pharmacies we’re aware of.

Terry’s notes from the presentation he attended also contain information about other spammers, and as it turns out, the economics of spamming very much resemble life outside the Interwebs, where some businesses make lots of money and others make a little. From this, we can extrapolate that some of them are living in those lavish mansions and that others, alas, probably have to settle for a nicely appointed home in an upscale African or Russian neighborhood.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Show Me the Money: The Economic Realities of Spam

According to a new study by Sophos on spam volumes over the first quarter of 2012, India is now the king of spam. One out of every 10 emails sent originates from India-based IP addresses. This time last year, the United States held the honor. They’ve since slipped to 2^nd place. Here’s the full “Dirty Dozen” of top spam producing countries:

1 India 9.3%
2 USA 8.3%
3 South Korea 5.7%
4 Indonesia 5.0%
5 Russia 5.0%
6 Italy 4.9%
7 Brazil 4.3%
8 Poland 3.9%
9 Pakistan 3.3%
10 Vietnam 3.2%
11 Taiwan 2.9%
12 Peru 2.5%

India’s dubious honor is largely due to the country’s rapidly growing base of internet users. This large and constantly growing pool of users is not being educated in the dangers of spam and likely not taking it seriously. There also seems to be little in the way of education about how to protect their computers from being infected with malware. This means many computers in India are infected and have become zombies, spewing out spam as part of a botnet.

Graham Cluley, Senior Technology Consultant says, “While traditional marketing spam may appear to be no more than an annoyance, offering pills that have questionable claims or to get you rich quick, they can often to lead to more serious threats to your personal information. The latest stats show that, as more first-time internet users get online in growing economies, they are not taking measures to block the malware infections that turn their PCs into spam-spewing zombies.”

While overall spam volumes have decreased, the spam that remains has become more targeted and more dangerous. Phishing attacks and malware infested spam are actually increasing.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

India Tops the Spam Dirty Dozen List

AT&T Wireless is being brandjacked by spammers in a new phishing campaign. The
messages are made to look like billing notifications from the cellular provider, and tell the recipient they have a balance due of $1000 or more. They also include a link for them to click to view and pay their bill. They are obviously hoping to reach enough people who get curious or angry enough to click it.

“If people are AT&T Wireless customers, they would be pretty outraged. We can imagine that a lot of people click on the malicious links.” Avi Turiel, director of product marketing with Commtouch, told Infosecurity. “They look very authentic, but when you mouse over the links, every one of those leads to compromised websites.”

The links lead to compromised websites. Once the recipient lands on one, it immediately attempts to download malware using exploits in Adobe Flash Adobe Reader, and if successful, the malware connects to a remote server and download even more malware.

AT&T’s just one of the many companies that get brandjacked by spammers every year. Among the most popular targets are Paypal, UPS, the United States Postal Service, and just about any bank you can think of.  Online banking logins are in high demand by phishers. Sometimes they use the info they steal to clean out bank accounts, but often they sell it to other cybercriminals. There are entire websites and forums that are dedicated to nothing but the buying and selling of stolen passwords, credit card numbers, bank account numbers, and other personal info. Sometimes these sites also connect spammers with botnet herders looking to rent out a piece of their zombie network to them for rock bottom prices.

AT&T Wireless customers who get one of these fake notices should ignore them. To check your balance, call them, or open your browser and go to the website directly. Don’t click on any of the links in the message.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

New Spam Campaign Features Fake AT&T Bills

What is spam?

It’s a funny name, isn’t it? Spam is the more common name for Unsolicited Commercial Email, and it owes its name to a Monty Python skit, not to the popular (in Hawaii anyway) canned meat. Spam is the Internet’s equivalent of the screaming salesman on a television commercial, or the junk mail that still fills the mailbox outside your house, and its purpose is the same; to get you to buy something. The biggest difference between the spam that hits your email and the others is that what is advertised on television or sent through the postal service is regulated. They can stretch the truth, but they are subject to very specific laws. Most television stations have certain minimum standards, and even if they don’t the shows that the commercials air during usually do which means it’s a lot less likely to find yourself ripped off if you choose to buy something from one of those traditional sources of advertising. But spam doesn’t always come as an obvious attempt to sell you something.

Sometimes it just wants you to click a link to visit a website. It might tempt you with funny stories, sensationalist news articles, or pleas for help from an alleged charity. When you click on the link, you will usually find that the website you visit is the type you really don’t want to visit ( or maybe you do), but the content is usually not what you expect. Often, clicking that link is the first step a hacker needs to infect your machine with a virus or other type of program we call malware. We’ll talk more about malware next.

What is malware?

Malware is a catch all name for any type of program that is designed to cause harm. You have probably heard terms like virus, worm, and Trojan used; these are all types of malware. Their goal is to make your computer do things you wouldn’t want it to, and would not approve of if you knew about it. Malware can steal information, like the password to your bank or credit card account, and can enable an attacker to take control of your computer without your knowledge. Bot-nets are armies of computers, tens or even hundreds of thousands strong, that attackers control through malware. They can use these computers to attack others, and sometimes sell these services to others. Yes, if your computer is infected by malware, anything you do on it could be observed by an attacker, or your computer might be used to take down another company’s network. If you click a link in a spam message, or open an attachment you were not expecting, you could become infected with malware. Attackers will often use a compromised computer to send more malware to other users in the first computer’s address book, since they are more likely to open an attachment from someone they know. And that is how an infection can spread from one machine to thousands very quickly.

What is phishing?

Phishing is an attempt to get information from you. Whether it is an email from a foreign lawyer trying to get you to help him move some dead person’s assets out of the country in exchange for a cut of the loot, the promise of a free vacation/laptop/tablet, or an appeal for help from some allegedly stranded relative who can email you, but for some reason cannot call, the phishing attack is after your personal information so the attacker can empty your bank account. Often they will pretend to be your bank, your credit card or mortgage company, your employer, or your Internet Service Provider. In the US they are even pretending to be the IRS. In all cases, if you get an email asking for ANYTHING personal, be skeptical. Never click a link in one of these messages. Use a search engine to find the phone number or contact information of whoever the suspicious message seems to be from, and contact them to confirm it. No one, and I mean NO ONE, who is legitimate will EVER ask you to email personal or confidential information like account numbers, social security numbers, or passwords.

There are two simple phrases that apply here; there’s no such thing as a free lunch, and if it sounds too good to be true it probably isn’t. Both apply, and yet everyday people fall for these attacks because at the end of the day, most people are nice, trusting, and think others are too, and the attackers are masters at deception. They know just what to say, and how to say it, to have the maximum effect on their victims. These are the Internet’s con artists, flim flam and confidence men, and grifters. You must be on your guard against these attacks and be suspicious of any email you weren’t expecting.

What are filters?

“Filters” is a catch-all phrase that refers to a variety of technologies that your Internet Service Provider, or your IT department, use to try to prevent spam, malware, and phishing messages from reaching your mailbox. They have varying degrees of success, and the bad guys are constantly coming up with new ways to get around them. It’s a numbers game; if they only get .01% of their targets to respond, and they can send one million messages a day, that’s still ten thousand victims. Even if they only net one US penny per victim, that’s a hundred dollars a day, and since they don’t pay that much in a month for their Internet connection, it’s easy money.

Why doesn’t the government do something?

It’s almost impossible for any one government to deal with spam, malware, and phishing. Anyone on the planet with an Internet connection can send you an email offering you practically anything, for any price, with any promise, and the only things that stand between you and a ripoff are filters, and your own common sense. Because many spammers are in a different country from you, it’s very difficult for any government to enforce their laws against spam. There is no Internet Police, and no single country controls the web. The biggest spam operations often violate other laws, and there have been several big arrests worldwide this year, but for every organized group sending spam, there are thousands of individual operators doing the same thing and they are almost impossible to catch. Ultimately, that means it is up to you to defend yourself. If you’d like to learn how, check back soon for the next article in this series.

Liked this post? Get more anti-spam related news from AllSpammedUp.com!

Let’s Talk About Spam – Spam, Phishing and Malware