Featured Article

Hackers and Spammers Now Creating Their Own ISPs

Security researchers say botnet herders, malware authors, spammers, and other cybercriminals have begun taking matters into their own hands and creating their own ISPs. Now that even so-called “bulletproof” ISPs are being pursued and shut down, cybercriminals have decided that …


Hackers and Spammers Already Exploiting Starlet’s Death

Actress Brittany Murphy’s sudden death yesterday at the age of 32 shocked Hollywood and her fans, but hackers and spammers wasted no time in exploiting the tragedy. Already the top results for searches about her death are all malicious, leading …


New Malware Attack Infects Nearly 300,000 Sites

A security researcher recently discovered a new malware attack that has poisoned nearly 300,000 websites. The SQL attacks began last month and use a hidden iframe to redirect visitors to a malicious site that is programmed to look for and …


Unreported Spam Costing Billions

Sky News UK has reported on the results of research into victims of online fraud.  The survey revealed that some fraud is never reported due to embarrassment, indifference, or simply not being aware that the fraud has even occurred.

These reasons might seem strange to some people who would assume that any fraud victim would want to see justice and would immediately report the matter to authorities.  Unfortunately online fraud caused by spam, phishing, and other scams often does go unreported.  Let’s take a closer look at the reasons for this, and why those reasons should be put aside in favour of more reporting.

Embarrassment

There are a few different reasons why someone may be too embarrassed to report a fraud.  The first is if the amount of money lost is very high.  Being scammed out of your life savings would be a devastating and embarrassing event that a lot of people would feel so ashamed about they may want to keep it secret.  An attitude of “I should have known better” can sometimes play a role in this.

Another reason is when the nature of the scam is sensitive and embarrassing.  Examples of this include Russian mail order bride scams, and fake male enhancement drug scams.  In both cases a person could easily be too embarrassed to admit they were attempting to purchase those items in the first place, on top of the embarrassment of being a fraud victim.

It takes a lot of bravery to come forward and admit you were fooled.  Two things should be remembered here – firstly these are professional criminals often with very effective methods for tricking people.  Secondly, reporting your incident to authorities can help prevent other people from becoming victims in future.

Indifference

Say what you want about criminals, but they usually aren’t stupid.  It might seem strange to look at them this way but a lot of online criminals are basically malicious marketers, and have all of the skills that honest marketers have.  One of these is an understanding of human nature, and one of the natural instincts of a lot of humans is not to bother with trivial matters.


Heartland Reaches Settlement with AmEx Over Data Breach

Heartland Payment Systems announced it has reached a settlement with American Express regarding the massive data breach revealed earlier this year. The $3.6 million settlement is only the beginning for Heartland, as they are also working on reaching settlements …


MP3 Spam Returns

Surprised researchers have discovered that MP3 spam has returned. It was last seen in 2007 and like PDF spam, was thought to have been discarded by spammers in favor of simple link spam. However, late last week security researchers discovered …


Researchers Find Flaws in Google’s reCAPTCHA

A new report by security researchers claims that Google’s reCAPTCHA system is flawed – so flawed that it would allow a botnet with just 10,000 zombies to manage 10 recognition successes an hour resulting in over 850,000 fake accounts being …


New Koobface worm duping Facebook users

New Koobface variant exploits holiday spirit.

Malware miscreants have traded their black hats for Santa hats with their latest escapade targeting the 350 million member Facebook community.

Security experts have spotted a new variation of the Koobface worm that gives its prior social engineering techniques a holiday twist to lure Facebook users into its wicked web.

The new variant, Koobface.GK, posts a link to a Christmas video on the message wall of a Facebook user. When a social networker clicks the link, he or she is taken to a bogus video player. Clicking the play button on the spurious application produces no video, but it does download the worm to the clicker’s computer.

The malware then produces a captcha screen that threatens to shut down the user’s computer if the captcha form isn’t filled out within three minutes. When the captcha form is filled out, the shutdown message appears again. Each time the form is filled in, a new domain is registered where infected files will be hosted. In that way, the worm propagates itself.

If a target decides not to act within three minutes, nothing will happen. However, his or her computer will become unresponsive. According to White Hats, a clean install of Windows isn’t needed to recover control of a computer infected with the worm. Presumably, the problem could be eliminated by pulling the power plug on the machine and rebooting into a state where a virus scan could be conducted on the computer or the box could be restored to a point before it was infected.


No More Big Spam Network Shutdowns

In November 2008 the antispam community collectively cheered as the McColo ISP, a major source of the spam on the internet, was disconnected by its network providers, effectively shutting it down.

At the time global spam levels dropped by about 75%.  Since then spam has steadily risen in volume and returned to similar levels again.  Some might wonder why more spam network shutdowns similar to McColo are not occurring again.

The problem is highlighted in a recent monthly report by a security vendor.

McColo has taught botnet owners a lesson.  Botnet control centres have become more distributed, spanning many networks in many countries. The loss of a big hosting provider today would prove only a minor inconvenience – as opposed to a major defeat – for spammers.

I’ve written in the past about the international nature of spam fighting.  Microsoft’s Terry Zink described the problem very well in an analysis of a spam message he received.

Here’s how it works: A malware author infects a machine in Canada (1) that relays spam to a machine in the United States (2), which contains payload that points to a machine in Spain (3) registered by a guy in the United States (4) using a registrar in France (5), which is resolved by a name server in the Czech Republic (6).

And that’s not all.

The guy in Texas is using name servers that look like they are located in Russia, but they are not.  The one name server which resolves the spammy site is exploited (the one sitting in the Czech Republic) and then the top domain cn8.ru, sitting on a machine in China…

So for this one item of spam, which is probably one of many from an organized spam network, the authorities of Canada, USA, Spain, France, Czech Republic, Russia and China would all need to cooperate to shut the spam network down.


Botnet Herders Teaming Up To Distribute Trojan

Researchers say the groups behind two botnets have teamed up to distribute malware. The bot herders running the Avalanche and ZBot botnets are now working together to promote the notorious banking Trojan Zeus. The ZBot botnet is known for its massive …


Last Comments

  • Imran on Fanbox Spam Turns Into Costly Scam August 24, 2014

    Fanbox, I worked there, it’s a real scam. They owe me 4500 dollars but they did not give me my money. As I was claiming my money from them every day, they were obliged to cancel my account, then asked me to create another account so that I work with them again, which I refused. I said to them that you just showed me how Fanbox is a scam, I’m not crazy to waste my time again creating posts to make you rich. I invite all new users who have just started with them: please don’t waste your time, they will never give you a penny of a dollar, that’s only virtual money. Be aware to avoid johny cash and his gangster. Here is the message they sent to me two months before they cancelled my account:

  • Aussie on India Tops List of World’s Biggest Spammers August 16, 2014

    ALL my SEO spam comes from Indians. They are a big pain in the arse.

  • Andrew on Spammers Get Sleazier with Attachment within Attachment Technique August 14, 2014

    This is more relevant to the home user, who typically operates with a low level of protection against such threats. Businesses will employ sophisticated techniques at the border (e.g. removal of or cloaking of ZIP files to render inert). Home users have no such luxury available to them at a reasonable cost. Until ISPs actually start offering business grade mail protection/filtering to their customers, then the consumer is on his/her own and must remain diligent. If you didn't initiate a request with the sender, then don't open the damned attachment. If you get an email claiming to be from your bank which contains an attachment, don't open it - your bank would never send you a ZIP'd archive to open anyway. Check links contained in email body before you go ahead and click on them - for instance, hovering over a link in an email will usually display a tooltip with the actual web address encoded, rather than the false link displayed in the email content. Simple checks that anyone can perform before committing a single or double-left click on something that could cost dearly.... Diligence people! If you are, then you already made the spammers' hit-rate that much lower, by simply not sleep-walking into an infection. Relying on anti-virus/malware protection apps is allowing people to abrogate themselves of a basic responsibility to know what you're doing and how it can affect your machine - adversely or otherwise. We insist that people reach a basic level of proficiency to drive a car. We need something similar for the consumer directed web....

  • Santine on Does Legitimacy Make LinkedIn and Zoosk Spam All Right? July 31, 2014

    Before we go any further--let's skip Papa John's--let's go back to the main issue: these huge companies that are allowed to spam simply because they are, well, and sending mails is just a way of marketing their products and services more. That's definitely a bull, don't you think? The title is even misleading since there's nothing legitimate with spamming.