Featured Article

ICANN move contributing to URL spoofing?

By the middle of next year, the lock that Latin alphabets have had on Internet domain names will be broken, when a plan announced last week by the International Corporation for Assigned Names and Numbers, better known as ICANN, is implemented. That prospect may have phishers licking their lips.

The move–claimed by ICANN as the biggest technical change in the 40-year history of the Internet–will allow domain names to be created in languages such as Arabic, Korean, Greek, Hindi, Japanese and Cyrillic. It was initially approved in 2008, but finalization won’t be completed until the organization wraps up its conference in Seoul, Korea. While the new non-Latin alphabet addresses won’t start appearing until next year, ICANN expects to see applications for the domains appearing as early as next month.

ICANN estimates that more than half of the Internet’s 1.6 billion surfers use non-Latin alphabets and that the acceptance of those alphabets in domain names will save 60 billion to 100 billion keystrokes a day by averting the need to type country codes in Web addresses. Some countries are already using their native alphabets in domain names, but their country codes are in a Latin letter set. Bulgaria, for example, uses Cyrilic, but uses .bg for its country code.

ICANN move contributing to URL spoofing?
   

9 Benefits of Hosted Antispam Services

Cloud computing is a popular topic these days.  One of the ways in which cloud computing is being delivered to businesses is by hosted email security services.

A hosted email security provider offers antivirus and antispam protection for their customers using servers hosted off the customer’s premises.  This delivery model carries many benefits to the customers.

Equipment Costs – by choosing a hosted service the customer is not required to purchase their own server hardware to run the security product on their own premises.

Support Costs – support is included in the monthly fee to the hosted provider, so the customer is not required to hire and retain staff to manage an on-premise solution.  The hosted provider is responsible for all maintenance and upgrades to keep the service running smoothly.

License Costs – because the customer is not running their own server they also save on software licensing costs.  Furthermore they are simply paying a per-user license cost to the hosted provider.

Bandwidth – because any virus or spam emails are filtered by the hosted provider that traffic never reaches the customer’s network, saving their bandwidth which is both a cost and a performance benefit.

9 Benefits of Hosted Antispam Services
   

Facebook Wins Suit Against Spammer

Facebook announced on Thursday that it has won its lawsuit against notorious spammer Sanford Wallace. A judge in San Jose, CA awarded the site a $711 million judgement, the second largest in history to be awarded under the CAN-SPAM Act. “While …

Facebook Wins Suit Against Spammer
   

Geocities Shutdown Closes Door on Spammers

This week Yahoo! permanently closed down its venerable Geocities service.  This move ended one of the internet’s longest standing free web site hosting services and one of the most frustrating spam problems of more recent years.

Geocities became popular in the last 1990s as a free and easy way for people to publish web sites about their businesses and hobbies.  Although in recent years it stood as a monument to horrible website design in its prime it was one of the most visited sites on the internet.

After a takeover by Yahoo! in 1999 the website began a slow but steady decline due to various changes by the new owner.  However one demographic that remained strong on Geocities was spammers.

The attractiveness of Geocities for spammers came down to a few key elements:

  1. Geocities.com was a trusted and recognizable domain name to normal internet users
  2. As a Yahoo! property it was unlikely that the various Geocities domain names would be blocked by anti-spam product vendors
  3. Geocities permitted JavaScript on the web pages it hosted

User Trust and Social Engineering

A social engineering attack is one in which the attacker convinces the victim to perform a certain task.  These attacks involve establishing the appearance of legitimacy and trustworthiness in the eyes of the victim.

For a spammer who wants to convince a person to click on a link in an email the Geocities.com domain name was a perfect way to gain the trust of the victim because it was highly likely the person would recognize it as a place for legitimate web sites.

Free Services and Combating Abuse

As most internet security experts will attest, if there is a free service available on the web then spammers will abuse it.  The problem with this is that many free services are hosted by large, trustworthy internet companies and have millions of users.

Geocities Shutdown Closes Door on Spammers
   

Pushdo Botnet Sending FDIC Spam

A new wave of spam being pumped out by the Pushdo botnet is exploiting the FDIC and attempting to capitalize on worries about the economy. The spams are made to look like they came from the FDIC and inform the …

Pushdo Botnet Sending FDIC Spam
   

New Sting Operation Snags 18 Nigerian Spammers

A new sting operation conducted by the Nigerian Economic and Financial Crimes Commission has already nabbed 18 spammers. Dubbed Operation Eagle Claw, it has also led to the shut down of 800 malicious websites. The Commission has partnered with Microsoft on the project and said its goal is to remove Nigeria from the top 10 list of countries where the most scam emails originate from.

The Nigerian or 419 scam, named after the section number in the Nigerian Penal code that makes them illegal, has been around almost as long as the web itself and has several variations of a story designed to make the recipient think he will receive a huge fortune if he helps a foreign citizen (often a member of a non-existent royal family, a long lost relative who’s been killed, or a clergy member) transfer their money out of the country. The scammer either poses as the person themselves or as their lawyer. All the person has to do is turn over their personal info and wire over a small processing fee.

New Sting Operation Snags 18 Nigerian Spammers
   

New Malware Covers Its Tracks By Altering Bank Statements

A recently discovered Trojan has a sneaky and disturbing new trick up its sleeve. It can alter a victim’s online bank statement. Dubbed URLZone, the Trojan is able to alter HTML coding before it’s displayed. This lets it rewrite bank …

New Malware Covers Its Tracks By Altering Bank Statements
   

NASA Reprimanded Over Lax Security Practices

In a new report by the Government Accountability Office, NASA was reprimanded over its lax security practices and told to shape up.  NASA has reported nearly 1300 security incidents in the last 2 years, and although it has taken some …

NASA Reprimanded Over Lax Security Practices
   

Money mulers expanding horizons

The Zeus Trojan is a favorite of muleskinners.

Money muling, until recently, has been used by information highwaymen to prey on unwitting consumers. Muleskinners had modest goals. Their scams ranged from $200 to $2000. Their targets were consumers with more greed than sense. Recent muling patterns, however, indicate that these fraudsters are expanding their ambitions and hatching cons to snatch larger amounts from small businesses.

  • In May, a Texas company was clipped of $1.2 million with the help of some 40 “mules.”
  • In July, muleskinners in the Ukraine skimmed $415,000 from accounts for Bullit County, Ky. The county realized something was askew when it found unauthorized wire transfers of $10,000 or less from its payroll coffers were being made to accounts of at least 25 people across the country. In the United States, money transfers must exceed $10,000 before they are subject to special reporting requirements under the Bank Secrecy Act of 1970.
  • In September, Downeast Energy & Building Supply, a heating and hardware firm in Brunswick, Maine, saw $200,000 disappear from its online bank account, siphoned into the accounts of at least 20 individuals nationwide.
  • This month, the Pease Development Authority, the agency that manages ports in the Portsmouth, N.H. area discovered about $100,000 in transfers instigated by muleskinners.
  • Also this month, thieves attempted to transfer $87,000 from the accounts of the St. Isadore Catholic Church in Danville, Calif. to about a half dozen mules, but were thwarted when the church’s bank blocked the transfer.

A  key component of these scams are money mules. They are individuals recruited through blind employment ads posted on the Internet or through spam mailings. On some occasions, mules have been initially recruited as copy editors and proofreaders hired at minimum wage to clean up spam letters used to recruit more mules. When pressed for payment for the editing work, a muleskiner will attempt to recruit the editor as a “local agent” for transferring money.

Money mulers expanding horizons
   

Fake Antivirus Software a $1.2 Billion Industry

Security vendors are warning of a wave of ‘scareware’ attacks that use false Conficker alerts to trick victims into installing fake antivirus software on their computers.

The fake antivirus programs are known as scareware because of their technique of performing a fake antivirus scan on the computer, scaring the user by alerting them to virus infections that don’t really exist, and then offering to sell the victim software to remove the non-existent infections and protect from them in future.

The victim gives up credit card details for software ranging from $30 up to $100, but the real outcome is that their computer falls under the control of the spammer to grow their botnet.

Security analysts estimate that many tens of millions of computers have been taken over by spammers using these tactics.  Conservative estimates at the low end of the fake antivirus pricing suggest this could be a $1.2 billion industry for spammers and malware authors around the world.

Fake Antivirus Software a $1.2 Billion Industry
   

Last Comments

  • Jim on To Spam or Not to Spam? British Man Gets His Bard on; Gets Revenge, Too June 30, 2014

    Although I can understand Joseph's decision to do that, I don't completely side with him, simply because I have been spammed before and I know it doesn't feel really good. Well, that may be his goal, but you can never correct a wrong with another wrong. I just hope he found fulfillment with what he had done.

  • Connie Law on Does Legitimacy Make LinkedIn and Zoosk Spam All Right? June 30, 2014

    @Peter: It seems like I missed that story about Papa John's. Is it found in here? What actually happened? I'm very interested about spamming made by legitimate companies because I feel that's what usually happens these days. Especially in Facebook. These companies are flooding my newsfeed.

  • Angela on Report: U.S. an Oasis for Spam June 30, 2014

    Hi AG! I hope you can share more of the study with us. Yeah, it sounds very interesting. I think people's opinions here can actually be backed by some good research. Maybe you can contact the admin of this website. Most probably they will allow you to guest post so you can share your findings.

  • Pete on Do Changes to China’s Anti-Spam Laws Matter? June 30, 2014

    @Ran: We can't expect anything from China, my dear. I even feel that they're using this spam excuse to gain more control not only on its people but also from business operators. They love to work that way. Everything that you see is usually just a facade.