The recent fever over the FIFA World Cup made unsuspecting victims an easy target for malware makers, spammes, and scammers using the sport as a means to spread nefarious software or lure users into money-making scams. It seems the entire world was in the grip of the 2010 FIFA World Cup fever as several countries vied for football supremacy in South Africa. Unfortunately, malware makers, spammers, and scammers capitalized on the fever as well, using references to the event as a means to spread nefarious software or lure unsuspecting users into money-making scams. Some of the threats included 419-style scams , lures selling fake tickets, even fake products and business opportunities related to the World Cup. One particular ploy involved a couple of websites selling a bogus filter to cancel out the sound of noisy “Vuvuzela” trumpets in TV broadcasts. Scammers had even used legitimate websites to sell them—such as eBay and other auction sites. Several spammers used sophisticated techniques to confuse SPAM filters by using tools to automatically scrape the text from hundreds of websites (including news sites) and using them to spray random bits of this text into their messages. Another new development that was seen were targeted attacks on top executives of international manufacturing companies and government agencies. With the 2010 World Cup behind us, what does this mean to us now? Everyone should always be on guard against websites, links, or messages that seem too good to be true (because most likely they are), but understanding that scammers and spammers especially thrive during popular events helps everyone to be on extra high alert.
A recent report , released by Osterman Research and sponsored by software vendor Commtouch, reports that the incidents of outbound spam is getting worse. The research firm interviewed 266 end users of internet service providers and 100 web hosting companies. Almost 40% of respondents have had their IP addresses listed on Real Time Blackhole Lists (RBLs) in the past 12 months alone – and the number could be far greater considering those who may not be aware that they have been listed. RBLs tag machines or networks of machines as being sources of SPAM, causing their emails to be filtered out by many mail servers. This can result in legitimate emails not reaching their intended destination, and can victims’ reputations. In addition, having an infected machine or network of machines can waste bandwidth and slow down outbound connections. The cause of outbound spam varies, but can including everything from compromised email accounts to “zombie” machines – machines infected with malware sending out spam unbeknownst to the user. There are multiple ways of protecting computers and networks against the risk of outbound spam, and our Managed Services clients benefit from our proactive protection and filtering. Contact us to find out more.
A survey conducted by the Messaging Anti-Abuse Working Group or MAAWG reveals that a almost half of computer users in North America and Western Europe not only open spam emails, but also click on the links and open attachments found within these messages intentionally. This not only invites more spam, but potentially exposes them to a large number of security risks as well. Data from the survey revealed that: Nearly half of those who have accessed spam (46%) have done so intentionally – to unsubscribe, out of curiosity, or out of interest in the products or services being offered. Four in ten (43%) say that they have opened an email that they suspected was spam. Among those who have opened a suspicious email, over half (57%) say they have done so because they weren’t sure it was spam and one third (33%) say they have done so by accident. 84% were aware of the concept of bots. Yet, most think that they are immune from these viruses, with only a third saying they consider it likely that they could get a bot on their computer. Spammers have mechanisms which allow them to track whether their emails are accessed or not. Opening or even unsubscribing from spam messages further invites them to send even more spam. Furthermore, Spam messages these days are not only vehicles to solicit or sell goods and services of dubious source and value, but are increasingly being used as vectors to spread malicious software or malware. Clicking on a link, opening an attachment, or just viewing it can potentially open users’ computers to vulnerabilities in the operating system or installed applications. This in turn can turn compromised systems into “bots”, or unwitting accomplices in spreading more spam or malware. It pays to be aware of this next time you receive suspicious email – and make sure that your employees understand the risks as well. Sometimes even your antivirus software isn’t enough to protect you – so please ask us about our Managed Security Services and how we can help you not only fight spam but prevent it from reaching your Inbox in the first place. Related articles: Survey: Millions of users open spam emails, click on links (zdnet.com) Twitter spam drops to under 1 percent (networkworld.com) Brazil-originated spam levels topping 13% says Panda Security (infosecurity.com)