King of Infomercial Scams Avoids Jail for Spamming Judge

Written by Sue Walsh on March 12, 2010

Sleazy infomercial king Kevin Trudeau’s 30-day jail sentence has been stayed by the courts. He was slammed with it for orchestrating a spam email campaign designed to influence the judge in his case. He’s currently on trial in Civil Court fighting a complaint by the FTC that the advertising for his “natural cures” book is misleading. He was first sued by them in 1998 and banned from making false claims in the future, ordered to pay $500,000 in consumer redress and pay another $500,000 for a performance bond to ensure compliance. In 2004 he was sued again for ignoring the order and making false claims about a product called Coral Calcium. He was ordered to pay $2 million in fines and damages and banned from doing infomercials except for informational publications like books, provided he make no misrepresentations. He again ignored the order, which is why he is in court again. Trudeau has long been hawking his natural cures as the answer to everything from obesity to drug addiction.

In an effort to avoid further prosecution Trudeau urged his supporters to email the judge to tell him what his cures did for them and to urge him to find in his favor. The judge said his inbox was overwhelmed with spam and demands that the complaint against Trudeau be dropped and found him in contempt of court. Trudeau was scheduled to report to jail today. The court gave no reason for the change of heart but said the stay was contingent on no more spam campaigns being aimed at the judge or the court.

Hackers Pumping Out Olympics Spam

Written by Sue Walsh on February 23, 2010

It comes as no surprise that scammers have been quick to exploit the 2010 Winter Olympic Games for their own benefit. Spam claiming to have exclusive videos of events like the tragic death of Georgian luger Nodar Kumaritashvili has been spreading. The links lead to malicious sites pushing fake anti-virus software or dropping Trojans.

In addition, scammers have set up a fake Twitter account that sends out tweets disguised to look like Olympic updates. The URL has a subtle typo but at first glance looks like the official Olympics site, Vancouver2010.com. When users visit the site they are prompted to download a codec or Flash update. The fake update is actually a Trojan.

“Given the popularity of the Winter Olympics, it is not surprising that attackers are taking advantage of the event to spread malware,” said Michael Sutton, vice president of research at Zscaler. “Given the authentic nature of the attack site, lack of anti-virus signatures, use of Twitter to advertise the campaign and timing of the attack, it is reasonable to assume that it will succeed.”

Other Olympic-themed spam campaigns include messages offering travel tips for those going to Vancouver or offering bus tickets and transit passes. Scammers have also used Black Hat SEO techniques to poison search results for top Olympic athletes like Bode Miller, Sasha Cohen, and Jennifer Rodriguez.

Google Buzz: socnet or spam magnet?

Written by John P Mello Jr on February 18, 2010
Privacy holes in Google Buzz could attract spammers.


Google is scrambling to patch the privacy holes in its Buzz application launched last week, hopefully before spammers turn the social network into a gold mine for their repugnant activities.

When introduced last Tuesday, the yawning flaws in Buzz could be seen in its privacy agreement.

“When you first enter Google Buzz,” it stated, “to make the startup experience easier, we may automatically select people for you to follow based on the people you email and chat with most.”

Assuming a user wants to “follow” someone just because they trade emails may have seemed convenient to Buzz designers, but in fact it’s a needless usurpation of a user’s ability to choose with whom he or she associates. Sure, automating who a user follows is a quick way to build a following list, but it actually adds hassle to the process as a user must manually scrutinize who he or she is following and weed out the deadwood.

But the boners get better. “Similarly,” the Buzz privacy statement continued, “we may also suggest to others that they automatically follow you.” Automatically putting the touch on people to follow a user based on the user’s Gmail address book is an expedient way to rapidly build a socnet without the fuss of inviting people to join individually. What the Buzz designers failed to fathom is that just because a user communicates frequently with someone in his or her address book doesn’t mean that user wants to share his or her every thought with that contact. What someone might divulge through a tweet or Facebook comment isn’t always something he or she may want divulged to a frequent email correspondent like a client or boss. Facebook understood that from the start, so it’s surprising that the savvy crew at Google could make such a blunder.

Granted, a user can block any of his or her followers but why should the onus be placed on the user to comb out unwanted followers from a list created by Google?

Those inconveniences to users, though, aren’t what will be percolating the interest of spammers in the new social network. It’s the availability of a new source of public information about millions of potential marks.


iPad Launch Causes Spike in Apple Spam

Written by Sue Walsh on February 4, 2010

Wednesday’s launch of the highly anticipated Apple iPad has resulted in a spike of Apple-related spam. Security researchers say a 30% spike in phishing spam was detected following the announcement as spammers rushed to take advantage of the huge audience looking for info on the device. In addition to phishing spams hawking deals on MacBooks and iPhones, the researchers discovered widespread SEO poisoning designed to lure people searching for terms like “iPad price” or “iPad specs” to malicious sites serving malware, mostly fake anti-virus software.

Security experts are predicting such activities to keep rising as the iPad’s March release date draws closer. They advise users to keep their anti-virus software up to date and to get their Apple news from trusted, familiar sites. Companies should review their site security and keep a close eye on their code as many of the poisoned search results point toward legit sites that have been compromised by SQL injection attacks.

Botnet judo fights spam with a flip

Written by John P Mello Jr on January 29, 2010
Compromised computers spew spam.


In judo, an attacker’s assets are turned into liabilities by a defender. The attacker’s attributes like weight and size are leveraged against the aggressor and used to neutralize him or her with a flip. A similar tactic to fight spam propagated by botnets has been developed by an octet of researchers.

The team from the International Computer Science Institute in Berkeley, Calif. and University of California in San Diego–Andreas Pitsillidis, Kirill Levchenko, Christian Kreibich, Chris Kanich, Geoffrey M. Voelker, Vern Paxson, Nicholas Weaver, and Stefan Savage–have developed a way to flip the software running a botnet so it assists spam fighters in blocking the cyber junk spewed by the malware.


Second Oldest Magazine in Canada Forced to Change Name Due to Spam Filters

Written by Sue Walsh on January 25, 2010

Canada’s distinguished history magazine, an institution for almost 100 years, was forced to change its name due to the issues it caused with spam filters. The magazine’s former name, The Beaver, refers to Canada’s beloved national symbol, but it’s also a rather crude sexual reference to a female’s lower region. The magazine’s unintended connotation got it blocked by most spam filters. The magazine’s publisher intends to use the Internet to increase the magazine’s loyal but aging subscriber base.

“There were some really unfortunate but practical reasons why The Beaver couldn’t be the universal brand,” said publisher Deborah Morrison. “That’s the factor why it was a deterrent — particularly amongst women and people under the age of 45. Unfortunately, sometimes words take on an identity that wasn’t intended in 1920, when it was all about the fur trade. People were literally writing us and saying, ‘We can’t get your e-newsletter because it’s being spam-filtered out, can you change the title of the heading?’”

The magazine, which was launched in 1920, at first covered only the booming fur trade in the country, but over the past decade or so has expanded to cover all aspects of Canadian history. Its first issue under the new name, Canada’s History, will go on sale in April.

Spammers Exploiting Haiti Disaster

Written by Sue Walsh on January 19, 2010

In a sickening but unfortunately not surprising move, spammers and scammers have quickly moved to exploit the tragic earthquake in Haiti. Security experts say spam messages claiming to be fundraising pleas have begun hitting the web. Some of the spams come with the subject line “Help The Children in Haiti-Donate Today” and claim to come from musician Wyclef Jean’s charity Yele Haiti. Others claim to be collecting money on behalf of the Red Cross, Unicef and Doctors Without Borders and urge the recipients to send money to an office in the Philippines via Western Union. Another campaign claims to be from the “Haitian Disaster Response Agency”.

In addition at least 64 new websites have popped up since the earthquake, all with the word Haiti in them and with variations of words like quake, relief, and disaster. Experts say the amount of Haiti related spam and scams is expected to rise. It’s an old technique. Spammers and scammers use the hot topics of the day to both poison search results and get people’s attention with their spam. Last year everything from the H1N1 crisis to Michael Jackson’s death was exploited.

To protect yourself and your company, don’t give to any charity that you aren’t familiar with, that asks you to send your donation via Western Union, or that sends fundraising pleas via spam. When searching for news and information on the disaster, stick to familiar websites. If your company would like to do more to help, contact charities such as the Red Cross, Doctors Without Borders, and Unicef directly and ask what they need.

If you want to help, you can text the word HAITI to 90999 to donate $10 to the Red Cross. All 4 major US cell providers have agreed to waive any messaging fees, and the donation will appear on your next phone bill.

Romanian Man Facing Prison Time For Phishing

Written by Sue Walsh on January 15, 2010

A 28-year-old Romanian man is facing 5 years in prison after pleading guilty to a charge of conspiracy to commit fraud related to spam. Cornel Ionut Tonita was involved in a phishing ring with two other men. The men set up fake websites designed to look like the account login pages of such companies as Citibank, Wells Fargo and eBay. They stole passwords and financial information and passed them along to others who used them to make fake credit cards.

Tonita admitted to using email harvesting software and sending spam designed to lure people to the fake sites. Authorities say he sent a file of almost 10,000 addresses to one of the other men.

All three men have been convicted. One of them, Ovidiu-Ionut Nicola-Roman, was the first foreign national ever convicted of phishing in the U.S. He was sentenced to 4 years in prison. Tonita will be formally sentenced in April.

Phishing has become a multi-million dollar industry for cybercriminals, and experts say their attacks are becoming more and more targeted and sophisticated.

Project Honey Pot: One billion spams and counting

Written by John P Mello Jr on December 29, 2009
Billionth spam received by Project Honey Pot.


Project Honey Pot announced earlier this month a dubious achievement. It had attracted its one billionth spam message. The ejunk purported to be from the U.S. Internal Revenue Service and informed its recipient:

“After the last annual calculation of your fiscal activity we have determined that you are eligible to receive 760,635 tax refund under section 501(c)(26) of the Internal Revenue Code. Please submit the Tax Refund Request form and allow us 3-9 days to process it.

“Yours faithfully,
“Sarah Hall Ingram, Commissioner”

Although the spammers forgot to put a dollar sign in front of the refund amount, they were accurate in some other details in the message. There is a section 501(c)(26) of the Internal Revenue Code. It lists non-profit organizations exempt from some federal income taxes, and subsection (26) includes in that category “State-Sponsored Organization Providing Health Coverage for High-Risk Individuals.”

Sarah Hall Ingram is an IRS commissioner, but not the IRS commissioner, as the letter would lead one to believe. However, she is the commissioner of the agency’s Tax Exempt/Government Entities Division, which would be a believable source for the message.

Project Honey Pot is a community of tens of thousands of web and email administrators from more than 170 countries around the world who are working together to track online fraud and abuse.

According to the Project, the IRS spam was sent from bot malware running on a compromised machine in India. It noted that the email address used by the bot was originally harvested on Nov. 4, 2007 by a grim reaper that has sent more than 53 million messages to the address since that time.


Hackers and Spammers Already Exploiting Starlet’s Death

Written by Sue Walsh on December 25, 2009

Actress Brittany Murphy’s sudden death yesterday at the age of 32 shocked Hollywood and her fans, but hackers and spammers wasted no time in exploiting the tragedy. Already the top results for searches about her death are all malicious, leading to sites that attempt to download fake anti-virus software. Spam messages with links leading to similar sites have also been detected.

The tactic is nothing new. Spammers and hackers jump on holidays, major news stories and celebrity deaths and quickly poison search results for them using black hat SEO techniques. Earlier this year the deaths of actor Patrick Swayze and pop icon Michael Jackson were similarly exploited. Experts expect the upcoming Olympic Games and World Cup to unleash a flood of similar exploitations.