Featured Article

Dropbox Used as Vector for Zeus In Latest Phishing Campaign

In a classic example of truly dirty pool, one of the latest ways attackers are convincing victims to install the Zeus malware is to send users links to the malware stored in Dropbox accounts. Attackers are now trading on victims’ gullibility and their general trust of the file sharing service. Dropbox, which is growing in popularity amongst consumers and businesses alike, is not considered a malicious or even a suspicious website. More and more enterprises are using Dropbox to share data. Attackers are banking on this fact and that potential victims are becoming accustomed to accessing shared data from others with whom they collaborate via dropbox.com links.


XP Users Linked to Increase in Spam Volume

According to security researchers, Q2 experienced a huge uptick in spam. Why? Many think it’s related to the fact that Microsoft ended support for Windows XP in April. The 13-year-old OS will no longer be patched or updated, …


It’s Game Over for Gameover ZeuS and Cryptolocker

On Monday 2 June 2014, the United States Department of Justice announced that they had successfully taken down a botnet used to distribute the Gameover ZeuS malware, and servers used by the Cryptolocker malware. Gameover ZeuS is a password-stealing Trojan that focuses on banking sites, while Cryptolocker is what is called ransomware: it encrypts users’ data and extorts a ransom from them in exchange for the keys to decrypt their data.


Russian Government Springs Spammer From Prison and Hires Him

It sounds unbelievable but it’s true. Pavel Vrublevsky was the spamming mastermind behind the Festi botnet, a DDoS attack against a Russian airline that cost it millions, and one of the country’s largest pharmacy spam networks. He was one of …


Cryptolocker May Be Down, But Now There’s Cryptowall!

Just a couple of days ago, the Department of Justice announced that a legal action involving international cooperation had made a real difference by taking down Cryptolocker, but any relief this provided to the general public seems short-lived, as there’s a new piece of ransomware out there now. It’s called Cryptowall, and as you might have guessed, it is just as nasty as Cryptolocker. Operating primarily through malvertising, Cryptowall is the culmination of a one-two punch. Here’s how people fall victim, and what you need to know about it.


A new spam campaign in Japan is making use of an old consumer warning. It’s not selling anything or pushing malware, it’s what’s known as scare spam. The included links probably give some spammer increased ad revenue, but that’s it. …

Old Consumer Warning Resurfaces as Spam
   

Man Wins Damages From Spammer in Precedent Setting Case

In a landmark case, EU judges have awarded a man unspecified damages after he sued UK retailer John Lewis for spamming him. The man, Roddy Mansfield, claimed the company started spamming him after he registered on their website. He claims …


HELLO MY BELOVED IN THE LORD. I AM MRS. ALICE FLORES DUNU, A NATIONALITY OF BELIZE FORMERLY BRITISH HONDURAS, BORN IN THE STATE OF OHIO USA…[blah, blah, blah] …MY LATE HUSBAND WAS VERY WEALTHY AND AFTER HIS DEATH, I INHERITED …

Nigerian 419ers Get Their Freak On
   

What To Do When Your Email Address Has Been Spoofed

If it hasn’t happened to you yet, chances are it will at some point. One day you’ll check your email and find hundreds, even thousands of “Mail undeliverable” bounce back messages. When you look at the message that bounced, you …


May Spam Roundup

Summer is here! For many of us that means heading off for some fun in the sun but for spammers it’s busy season. You can expect to see travel spam, grad spam, and spam surrounding major summer events and holidays, …


Last Comments

  • Aussie on India Tops List of World’s Biggest Spammers August 16, 2014

    ALL my SEO spam comes from Indians. They are a big pain in the arse.

  • Andrew on Spammers Get Sleazier with Attachment within Attachment Technique August 14, 2014

    This is more relevant to the home user, who typically operates with a low level of protection against such threats. Businesses will employ sophisticated techniques at the border (e.g.: removal of or cloaking of ZIP files to render inert). Home users have no such luxury available to them at a reasonable cost. Until ISPs actually start offering business grade mail protection/filtering to their customers, then the consumer is on his/her own and must remain diligent. If you didn't initiate a request with the sender, then don't open the damned attachment. If you get an email claiming to be from your bank which contains an attachment, don't open it - your bank would never send you a ZIP'd archive to open anyway. Check links contained in email body before you go ahead and click on them - for instance, hovering over a link in an email will usually display a tooltip with the actual web address encoded, rather than the false link displayed in the email content. Simple checks that anyone can perform before committing a single or double-left click on something that could cost dearly.... Diligence people! If you are, then you already made the spammers hit-rate that much lower, by simply not sleep-walking into an infection. Relying on anti-virus/malware protection apps is allowing people to abrogate themselves of a basic responsibility to know what you're doing and how it can affect your machine - adversely or otherwise. We insist that people reach a basic level of proficiency to drive a car. We need something similar for the consumer directed web....

  • Santine on Does Legitimacy Make LinkedIn and Zoosk Spam All Right? July 31, 2014

    Before we go any further--let's skip Papa John's--let's go back to the main issue: these huge companies that are allowed to spam simply because they are, well, and sending mails is just a way of marketing their products and services more. That's definitely a bull, don't you think? The title is even misleading since there's nothing legitimate with spamming.

  • Elizabeth on Do You Trust Your Bank Not to Spam You? Read This July 31, 2014

    I've come across a book about innovation, and it mentioned that banks are some of the worst in this department simply because it is very traditional. Simply put, it just continues what it has been doing for many years, even as long as hundreds of years for those very large European banks. In the process, they don't really protect themselves when they attempt to go online and make our hard-earned money and very important personal information extremely vulnerable to identity theft, among others.