Featured Article

ICANN move contributing to URL spoofing?

By the middle of next year, the lock that Latin alphabets have had on Internet domain names will be broken, when a plan announced last week by the International Corporation for Assigned Names and Numbers, better known as ICANN, is implemented. That prospect may have phishers licking their lips.

The move–claimed by ICANN as the biggest technical change in the 40-year history of the Internet–will allow domain names to be created in languages such as Arabic, Korean, Greek, Hindi, Japanese and Cyrillic. It was initially approved in 2008, but finalization won’t be completed until the organization wraps up its conference in Seoul, Korea. While the new non-Latin alphabet addresses won’t start appearing until next year, ICANN expects to see applications for the domains appearing as early as next month.

ICANN estimates that more than half of the Internet’s 1.6 billion surfers use non-Latin alphabets and that the acceptance of those alphabets in domain names will save 60 billion to 100 billion keystrokes a day by averting the need to type country codes in Web addresses. Some countries are already using their native alphabets in domain names, but their country codes are in a Latin letter set. Bulgaria, for example, uses Cyrilic, but uses .bg for its country code.

ICANN move contributing to URL spoofing?
   

9 Benefits of Hosted Antispam Services

Cloud computing is a popular topic these days.  One of the ways in which cloud computing is being delivered to businesses is by hosted email security services.

A hosted email security provider offers antivirus and antispam protection for their customers using servers hosted off the customer’s premises.  This delivery model carries many benefits to the customers.

Equipment Costs – by choosing a hosted service the customer is not required to purchase their own server hardware to run the security product on their own premises.

Support Costs – support is included in the monthly fee to the hosted provider, so the customer is not required to hire and retain staff to manage an on-premise solution.  The hosted provider is responsible for all maintenance and upgrades to keep the service running smoothly.

License Costs – because the customer is not running their own server they also save on software licensing costs.  Furthermore they are simply paying a per-user license cost to the hosted provider.

Bandwidth – because any virus or spam emails are filtered by the hosted provider that traffic never reaches the customer’s network, saving their bandwidth which is both a cost and a performance benefit.

9 Benefits of Hosted Antispam Services
   

Facebook Wins Suit Against Spammer

Facebook announced on Thursday that it has won its lawsuit against notorious spammer Sanford Wallace. A judge in San Jose, CA awarded the site a $711 million judgement, the second largest in history to be awarded under the CAN-SPAM Act. “While …

Facebook Wins Suit Against Spammer
   

Geocities Shutdown Closes Door on Spammers

This week Yahoo! permanently closed down its venerable Geocities service.  This move ended one of the internet’s longest standing free web site hosting services and one of the most frustrating spam problems of more recent years.

Geocities became popular in the last 1990s as a free and easy way for people to publish web sites about their businesses and hobbies.  Although in recent years it stood as a monument to horrible website design in its prime it was one of the most visited sites on the internet.

After a takeover by Yahoo! in 1999 the website began a slow but steady decline due to various changes by the new owner.  However one demographic that remained strong on Geocities was spammers.

The attractiveness of Geocities for spammers came down to a few key elements:

  1. Geocities.com was a trusted and recognizable domain name to normal internet users
  2. As a Yahoo! property it was unlikely that the various Geocities domain names would be blocked by anti-spam product vendors
  3. Geocities permitted JavaScript on the web pages it hosted

User Trust and Social Engineering

A social engineering attack is one in which the attacker convinces the victim to perform a certain task.  These attacks involve establishing the appearance of legitimacy and trustworthiness in the eyes of the victim.

For a spammer who wants to convince a person to click on a link in an email the Geocities.com domain name was a perfect way to gain the trust of the victim because it was highly likely the person would recognize it as a place for legitimate web sites.

Free Services and Combating Abuse

As most internet security experts will attest, if there is a free service available on the web then spammers will abuse it.  The problem with this is that many free services are hosted by large, trustworthy internet companies and have millions of users.

Geocities Shutdown Closes Door on Spammers
   

Pushdo Botnet Sending FDIC Spam

A new wave of spam being pumped out by the Pushdo botnet is exploiting the FDIC and attempting to capitalize on worries about the economy. The spams are made to look like they came from the FDIC and inform the …

Pushdo Botnet Sending FDIC Spam
   

New Sting Operation Snags 18 Nigerian Spammers

A new sting operation conducted by the Nigerian Economic and Financial Crimes Commission has already nabbed 18 spammers. Dubbed Operation Eagle Claw, it has also led to the shut down of 800 malicious websites. The Commission has partnered with Microsoft on the project and said its goal is to remove Nigeria from the top 10 list of countries where the most scam emails originate from.

The Nigerian or 419 scam, named after the section number in the Nigerian Penal code that makes them illegal, has been around almost as long as the web itself and has several variations of a story designed to make the recipient think he will receive a huge fortune if he helps a foreign citizen (often a member of a non-existent royal family, a long lost relative who’s been killed, or a clergy member) transfer their money out of the country. The scammer either poses as the person themselves or as their lawyer. All the person has to do is turn over their personal info and wire over a small processing fee.

New Sting Operation Snags 18 Nigerian Spammers
   

New Malware Covers Its Tracks By Altering Bank Statements

A recently discovered Trojan has a sneaky and disturbing new trick up its sleeve. It can alter a victim’s online bank statement. Dubbed URLZone, the Trojan is able to alter HTML coding before it’s displayed. This lets it rewrite bank …

New Malware Covers Its Tracks By Altering Bank Statements
   

NASA Reprimanded Over Lax Security Practices

In a new report by the Government Accountability Office, NASA was reprimanded over its lax security practices and told to shape up.  NASA has reported nearly 1300 security incidents in the last 2 years, and although it has taken some …

NASA Reprimanded Over Lax Security Practices
   

Money mulers expanding horizons

The Zeus Trojan is a favorite of muleskinners.

Money muling, until recently, has been used by information highwaymen to prey on unwitting consumers. Muleskinners had modest goals. Their scams ranged from $200 to $2000. Their targets were consumers with more greed than sense. Recent muling patterns, however, indicate that these fraudsters are expanding their ambitions and hatching cons to snatch larger amounts from small businesses.

  • In May, a Texas company was clipped of $1.2 million with the help of some 40 “mules.”
  • In July, muleskinners in the Ukraine skimmed $415,000 from accounts for Bullit County, Ky. The county realized something was askew when it found unauthorized wire transfers of $10,000 or less from its payroll coffers were being made to accounts of at least 25 people across the country. In the United States, money transfers must exceed $10,000 before they are subject to special reporting requirements under the Bank Secrecy Act of 1970.
  • In September, Downeast Energy & Building Supply, a heating and hardware firm in Brunswick, Maine, saw $200,000 disappear from its online bank account, siphoned into the accounts of at least 20 individuals nationwide.
  • This month, the Pease Development Authority, the agency that manages ports in the Portsmouth, N.H. area discovered about $100,000 in transfers instigated by muleskinners.
  • Also this month, thieves attempted to transfer $87,000 from the accounts of the St. Isadore Catholic Church in Danville, Calif. to about a half dozen mules, but were thwarted when the church’s bank blocked the transfer.

A  key component of these scams are money mules. They are individuals recruited through blind employment ads posted on the Internet or through spam mailings. On some occasions, mules have been initially recruited as copy editors and proofreaders hired at minimum wage to clean up spam letters used to recruit more mules. When pressed for payment for the editing work, a muleskiner will attempt to recruit the editor as a “local agent” for transferring money.

Money mulers expanding horizons
   

Fake Antivirus Software a $1.2 Billion Industry

Security vendors are warning of a wave of ‘scareware’ attacks that use false Conficker alerts to trick victims into installing fake antivirus software on their computers.

The fake antivirus programs are known as scareware because of their technique of performing a fake antivirus scan on the computer, scaring the user by alerting them to virus infections that don’t really exist, and then offering to sell the victim software to remove the non-existent infections and protect from them in future.

The victim gives up credit card details for software ranging from $30 up to $100, but the real outcome is that their computer falls under the control of the spammer to grow their botnet.

Security analysts estimate that many tens of millions of computers have been taken over by spammers using these tactics.  Conservative estimates at the low end of the fake antivirus pricing suggest this could be a $1.2 billion industry for spammers and malware authors around the world.

Fake Antivirus Software a $1.2 Billion Industry
   

Last Comments

  • Santine on Does Legitimacy Make LinkedIn and Zoosk Spam All Right? July 31, 2014

    Before we go any further--let's skip Papa John's--let's go back to the main issue: these huge companies that are allowed to spam simply because they are, well, and sending mails is just a way of marketing their products and services more. That's definitely a bull, don't you think? The title is even misleading since there's nothing legitimate with spamming.

  • Elizabeth on Do You Trust Your Bank Not to Spam You? Read This July 31, 2014

    I've come across a book about innovation, and it mentioned that banks are some of the worst in this department simply because it is very traditional. Simply put, it just continues what it has been doing for many years, even as long as hundreds of years for those very large European banks. In the process, they don't really protect themselves when they attempt to go online and make our hard-earned money and very important personal information extremely vulnerable to identity theft, among others.

  • Mario on Spammers Get Sleazier with Attachment within Attachment Technique July 31, 2014

    @Isabel: If it protects yourself from getting malware, then it's actually a very small task that pays huge rewards. Everybody has to take time these days, especially since not all suspicious attachments do get detected by antivirus or antimalware programs. I should know because I still end up receiving those types of e-mails. What makes this a potential candidate for that is it's in zipped file, and protective systems are often used to attachments and plain documents.

  • Cleo on GoDaddy has Some Serious ‘Splaining to do, Gives User Information to a Spammer July 31, 2014

    @Noah: Is it possible, though, that this might be an inside job. I don't think a company such as GoDaddy can be just plain stupid or worse vindictive although if I were to judge it through its ads, it's definitely such a lame company. It's interesting this hasn't gone big as a news. I think it has gone beyond being a mere spamming incident to showing how spamming and identity theft can affect a person's life.