It has been a big year for the internet with social networks continuing to grow at an amazing pace, search engines scrambling to keep pace with user demand for fresh news, and as always spam and malware causing havoc around the world.

A look at the year’s major spam event shows some consistent trends.

• Season spam such as Valentine’s Day and Christmas remains predictable
• Spammers quickly move to exploit any major global news events such as celebrity deaths and wars
• Spam networks are becoming more distributed and resistant to shutdown attempts
• Social networking spam is on the rise as spammers attempt to exploit the perceived trust between people and their online “friends”
• Human error continues to be a big part of the spam landscape, both through inadvertent data exposure and through people falling victim to social engineering

Here is a look at some of these major events throughout the year.

January

Scams promising free money from US government grants attempts to exploit the news of corporate bailouts and the increase in unemployment.

Fake CCN news alerts take advantage of a clash between Israel and Hamas.

Global spam volume begin returning to normal levels after the McColo shutdown of November 2008.

The inauguration of US President Barack Obama leads to a wave of spam spreading rumours that his inauguration is invalid or that he resigned and attempts to trick users in downloading malware.

Spammers also get a head start on Valentine’s Day with malware-carrying love letters.

February

Human error at Google marked the entire internet unsafe (is it really that far from the truth?).

The poor economy continues to cause unemployment to increase, leading to a new wave of fake job spam.

Microsoft offeres a $250,000 reward for information leading to the arrest and conviction of the Conficker worm creators.

March

Citibank falls for a Nigerian 419 scam to the tune of $27 million, but is saved when the transfers fail due to invalid account numbers provided by the scammers. Continue reading 2009, The Year in Spam»

A new report has named Hong Kong the spam capital of the world. There are around 4,000 zombie computers located there and 93.4 percent of emails sent to Hong Kong users were spam; more than any other country in the world.

          “Nowhere is quite like Hong Kong. Location, history and inherent character combine to give it a special identity that sets it apart from anywhere else in the world,” says Internet data analyst Dan Bleaken. Bleaken believes the city’s status as a financial and commercial hub makes it a lucrative target for spammers. “According to some estimates, spam-related activities cost Hong Kong 770 million dollars (5.5 billion HK dollars) in 2001, for example,” he said.

The Hong Kong government is trying to fight back. The Unsolicited Electronic Messages Ordinance, passed in 2007, requires companies to provide a way to unsubscribe that requires no further correspondence, and also requires that they provide their name, phone number, email address, and postal address in all messages. Fines of up to $128,000 U.S will be handed out to those who don’t comply.

Hong Kong’s Office of the Telecommunications Authority said they have received over 13,000 complaints and sent out 89 warnings. However they stress that for the problem to be truly addressed requires countries to work together to fight spammer and cybergangs as cybercrime is a worldwide epidemic. The country’s proximity to China, a known haven for spammers, is considered a direct cause of their increasing spam issues.

A Washington lawyer had an idea. He wanted to sue spammers but since the CAN-SPAM law allows only ISPs to do so, he decided to become an ISP. He set up a domain and gave email accounts to his friends and family. When emailed, the accounts sent an auto-response that claimed the sender would either agree to stop spamming or pay $500 per spam message. The lawyer, James Gordon, then sued email marketing firm Virtumundo for $10 million dollars claiming damages under the CAN-SPAM Act.

Continue reading Lawyer’s Spam Fighting Idea Backfires»

Twitter users were hit with a spam attack over the weekend. It started with a simple question: “Want to know who’s stalking you on twitter!?” and a link to TwitViewer, a site that claimed it would show them the last 200 people that visited their Twitter profile. The problem was that TwitViewer demanded their Twitter username and password in order to do so.

Those that did so had their Twitter account promptly spam everyone they are following with the same question and link, and if they happened to click on any of the people in the gallery of thumbnails the site claims are people that visited their profile (but they didn’t-there is no way for a site to be able to collect that kind of information), their account automatically followed them-and of course spammed them with the TwitViewer link. All in all a very slick phishing scheme. Continue reading Twitter Users Hit By Malicious TwitViewer Spam»

A 23 year old Romanian immigrant from Michigan has been sentenced to 8 and a half years in prison for his role in a phishing scam that left over 7,000 victims and raked in over $700,000. Starting in June 2000, when he was 14 years old and lasting through February 2007, Sergiu Popa used two email accounts to send out phishing emails made to look like legit messages from such companies as Citibank and Paypal. Unwitting victims who clicked on the links were sent to the fake websites he set up and had their personal info stolen. He pleaded guilty to the charges in hopes of getting a lenient sentence, but the plan backfired

 

“Because there were so many victims who were hurt badly, the court believes the sentence is appropriate in order to protect the public,” said Judge John Tunheim. “There needs to be a deterrent to others who are trying similar crimes over the Internet.”

One file found in his Yahoo email account contained credit card information for over 5,000 people. Upon searching his home, the FBI found blank plastic cards being used to make fake credit cards and driver’s licenses, a machine used to print graphics on such cards, and foil ribbons used to stamp the holographs used on legit cards. Continue reading Phisher Sentenced to Eight Years in Prison»

Security experts are warning that the new Swine Flu outbreak is likely to become the latest headline to be exploited by spammers and scammers. Domain names related to the disease are being snapped up at an alarming rate. It looks as if they plan to take advantage of people’s fears surrounding the outbreak, which has killed over 60 people in Mexico and cropped up here in the U.S. in New York, Kansas, Texas and California.

The spam messages have headlines such as “First US swine flu victims!” and “Madonna caught swine flu!” and the links they contain lead to online pharmacies hawking fake drugs and even a site selling a Swine Flu “survival guide” for a mere $20. Security experts say 5% of all spam sent now is Swine Flu related and that number will probably rise as the outbreak continues to spread.

The Better Business Bureau is advising consumers to ignore any emails offering a Swine Flu vaccine as none exists, and the FDA will be going after any site offering any kind of Swine Flu drugs. Such sites are already showing up in spam messages and on search engines as domains related to the virus are being snapped up like hotcakes.

If you have a legit company that offers products that could be associated with the outbreak (such as pharmaceuticals, anti-bacterial products, health care products, etc) take care to make sure your domain is secure to protect yourself against a possible hijack. Disable any non-essential tools such as FTP, and keep your firewall up to date at all times.

ICF recently released a document entitled The Carbon Footprint of Email Spam Report that was sponsored by a well-known security company. Some key findings include:

• Globally, annual spam energy use totals 33 billion kilowatt-hours (KWh), or 33 terawatt hours (TWh). That’s equivalent to the electricity used in 2.4 million homes in the United States, with the same GHG emissions as 3.1 million passenger cars using two billion United States gallons of gasoline.
• The average GHG emission associated with a single spam message is 0.3 grams of CO2. That’s like driving three feet (one meter) in equivalent emissions, but when multiplied by the annual volume of spam, it’s like driving around the Earth 1.6 million times.
• A year’s email at a typical medium-size business uses 50,000 KWh; more than one fifth of that annual use can be associated with spam

Hmmm. Interesting. But so what? I mean, is the report going to stop spammers from spamming? Will it give them pangs of guilt? Will it cause them to say, “Gosh! I didn’t realize that my actions were contributing to the global warming problem. I need to stop scamming people and find a real job!”? Or will they start paying to be “certified green” by a body such as CO2Stats? No, I don’t think that any of these things are at all likely to happen. So, if the report isn’t going to stop spammers spamming, what’s the point of it? There are already a multitude of extremely good reasons to block spam and there’s really nothing to be gained from adding another one to the list.

So, the question I’d be inclined to ask is: how much energy was used/CO2 produced in the creation and distribution of this report?

A new report by Microsoft reveals what many of us already know. More than 75% of all emails sent are spam, and more often than not these days, contain malicious links or attachments. Malware is becoming more and more widespread. The report says that there are nearly 9 infected PCs for every 1,000 clean ones. Still, ads for shady pharmaceuticals make up most spam, with adult oriented spam a close second.

Fear not however as most spam never makes it to people’s inboxes:

          Cliff Evans, head of security and privacy for Microsoft in the UK, told BBC News: “The good news is that the majority of that never hits your inbox although some will get through.”
Ed Gibson, chief cyber security advisor at Microsoft, said the rise in spam was due to traditional organised crime figures moving away from exploiting software vulnerabilities and “targeting the weak link that is you and me”.
“With higher capacity broadband and better OS (operating systems), and higher power computers it is easier now to send out billions of spams. Three or four years ago the capacity wasn’t there.”

Continue reading Spam Continues to Overwhelm»

Where does spam come from? We have a preconception that people in the spam business are shady characters operating out of back rooms, located in dark alleys in unmarked offices. They operate under the radar, have slicked-back hair and wear flashy suits. They have warehouses full of counterfeit Viagra, and hire hackers from Russia to create mailing lists and disseminate their bogus email ads.

While this may well describe some people in the spam business, it doesn’t describe all of them. My last entry noted how American Express has gotten into the spam business; today it’s Verizon. It seems spam is more of a corporate phenomenon than we realized.

Continue reading Corporate spam is on the rise»

A new wave of spam combines a new technique with an old one in its efforts to spread malware. Spam messages containing a fake news alert claiming a bombing has taken place in the recipient’s local are hitting inboxes across the net. Manipulating headlines and making up fake news stories are nothing new in the land of spam, but the fact that these spams are specifically tailored to the recipient’s location is. It appears that spammers are using IP look ups to deliver personalized content.

The spam contains a link to a site that contains a realistic looking Reuters news story and video. The news story reads much like this:

          At least 12 people have been killed and more than 40 wounded in a bomb blast near market in Amsterdam. Authorities suggested that the explosion was caused by “dirty” bomb. Police said the bomb was detonated from close by using electric cables. “It was awful” said the eyewitness about blast he heard from his shop. “It made the floor shake. So many people were running,”

“Amsterdam” changes to a city near the recipient, based on an IP lookup. The video, if clicked on, tells the user they must update a CODEC before it can be viewed. The CODEC is actually a Trojan that adds the infected computer to the Waledec botnet and downloads even more malware, scans the system for personal information, and attempts to send itself to the users in the infected system’s address book.

Despite the spammer’s attempts to personalize their spam and make their site look as realistic as possible, the poor grammar in their fake news story is a dead giveaway!