Spam Industry News

Scammers jingle all the way

2005-12-21T15:41:00.000-08:00

With the holidays just days away, shoppers rush around late into the night, radio stations blare seasonal tunes--and cybercriminals busily try to scam unsuspecting targets.
"Holidays are an excellent hook for scams," Klein said. Last year there were 8,829 different phishing campaigns in December, and the number has increased since, hitting a high of 15,820 in October, he said. "The real problem with phishing e-mail is that they really look like e-mail that you would expect to receive."
CNET

Phishers attack eBay using new technique

2005-12-12T15:15:00.000-08:00

Scammers have found a new way to try to trick eBay members into giving them their personal information.
The new technique effectively hijacks links on listing or search results pages, taking people to an official-looking eBay log-in page that is actually phony.
Mercury News

'Tis the Season for Holiday Spamming

2005-12-12T15:09:00.000-08:00

AppRiver has tracked dozens of Sober variants each week since late November, when the holiday shopping season officially began. Subject lines include "christmass dinner -- eat with no worries," "send the kids a letter from Santa" and "Holiday Treats and a free gift from Jelly Belly."
TechNewsWorld

Security Threats Up Nearly 50 Percent In 2005

2005-12-07T13:53:00.000-08:00

It's been a good year for cybercrooks, especially those with the foresight to have gotten in on the boomingTrojan horse business.
The number of new worms, viruses, and Trojan horses jumped 48 percent in 2005, a security company said Tuesday, as it detailed the year's security woes.
Information Week

1 in 4 target with Phishing Scams

2005-12-07T13:51:00.000-08:00

About one in four Internet users are hit with e-mail scams every month that try to lure sensitive personal information from unsuspecting consumers, a study says.

Of those receiving the phony e-mails, most thought they might be from legitimate companies -- seven in 10, or 70 percent, were fooled by the e-mails, said the report.
CNN

Gone Spear-Phishin'

2005-12-05T11:29:00.000-08:00

About a year and a half ago, Amnon Jackont, an Israeli mystery novelist and Tel Aviv University history professor, became ensnared in a mystery of his very own: friends and students were receiving e-mail messages from him that he had never written. A few months later, unpublished paragraphs and chapters from a book he was writing were plucked from his computer and began appearing on Israeli Web sites.

Mr. Jackont took his computer to the Israeli police last fall and was told to reformat it. But his problems persisted. So the police examined his computer more closely and discovered that a malicious program known as a Trojan horse lay hidden deep inside and had hijacked the machine from a remote location.
New York Times

Phishing: Beware the Internal Revenue Scam

2005-12-05T11:28:00.000-08:00

The official-looking e-mails promise an income-tax refund, but they're really one more reminder to be cautious with personal info online

Scam artists are in hot pursuit of your identity. And they're cooking up a growing number of so-called phishing schemes, using e-mails that look like they're from a reputable source to cull personal data needed to steal your hard-earned money.
Business Week

Network Computing's Spam Filters Tested

2005-11-28T14:27:00.000-08:00

Still Sick Of Spam - Keeping Spam out of your Inbox
We've always placed our bets on technology over politicians anyway, so we invited 16 vendors to send their antispam products that run on Microsoft Exchange servers to our Syracuse University Real-World Labs(r) for testing and evaluation. We limited this review to Exchange-only offerings to serve readers with small-or no-IT groups; many small IT shops use single Exchange servers for their e-mail gateways. Antispam appliances/ firewalls, hosted spam services and products that do not integrate with Exchange were excluded from these tests-we covered them in "Sick of Spam"

NETWORK COMPUTING EDITOR'S CHOICE
B+
MailFrontier Gateway Server 4.1 MailFrontier installed in a snap using a wizard installation routine common to Windows-based software. Gateway Server includes copies of Sun's Java Runtime Engine and Apache's Tomcat for the administration console. The installation wizard warned us about Gateway Server's capacious space needs-it requested 40 GB of free space for use with its Web-based quarantine, dubbed "Junk Box."
Network Computing

E-mail-based worm puts VARs, vendors on alert

2005-11-28T14:24:00.000-08:00

The rampant spreading of an e-mail-based worm attack this week shows that after a somewhat dormant period, widescale hacker threats are alive and well.

Variants of the “sober” e-mail worm have been arriving in millions of e-mail inboxes over the past several days. Many of them have been posing as fake messages from the CIA or FBI, warning recipients that their Internet addresses have been identified as having conducted illegal activities online. Clicking on the messages exposes the users’ computers to control by whomever sent the messages.
VAR Business

UK Spammer gets 6 Years

2005-11-17T11:22:00.000-08:00

A man described as Britain's most prolific spammer has been sentenced to six years of prison.

Peter Francis-Macrae's sentencing on Wednesday in the Peterborough Crown Court followed his six-week trial and his conviction on charges of fraudulent trading, concealing criminal property, threatening to destroy or damage property, making death threats, and blackmail.

Francis-Macrae of Cambridgeshire was accused of defrauding thousands of people by tricking them into sending him money to register an .eu domain name on their behalf. He was also charged with sending fraudulent e-mails to companies and claiming they had to pay a renewal fee to avoid losing their domain names.
CNET

Arrest Shows Focus on Bot Viruses

2005-11-07T11:33:00.000-08:00

The arrest of a 20-year-old California man accused of profiting from networks of hijacked computers, among the first cases of its kind, illustrates law enforcement's increased focus on the growing scourge of "bot" viruses.

Malicious computer programs known as bots, short for robots, allow hackers to hijack thousands of far-flung computers and control them remotely. Criminals can use the commandeered machines to disseminate spam, hawk fake goods, send "phishing" emails to steal bank and other personal information or bombard corporate Web sites with Internet traffic to extract extortion payments.

A federal grand jury in California Wednesday returned a 17-count indictment charging Jeanson James Ancheta with conspiracy to cause damage to a computer, accessing a computer to conduct fraud and money laundering, among other charges.

According to the indictment, Mr. Ancheta, of Downey, Calif., earned thousands of dollars by infecting computers and then renting out access to networks of as many as 10,000 machines at a time to people who wanted to launch Internet attacks and send spam. He also hijacked U.S. government machines at the weapons division of the Naval Warfare Center and an information-systems agency at the Defense Department, the indictment alleges.

Mr. Ancheta allegedly made an additional $58,000 by surreptitiously planting adware -- programs that show the computer user targeted advertisements and tracks their activity online -- on hijacked computers, receiving payments from advertising companies for each installation.
Wall Street Journal

SEC Warns Investors Of Spyware, Phishing

2005-11-07T11:30:00.000-08:00

The agency is concerned that investors aren't taking proper precautions when accessing their accounts.
The Securities and Exchange Commission (SEC) on Thursday issued a guide to private investors on the dangers that identity thieves pose to online broker accounts.
InformationWeek

Sure, that e-mail looks legit, but is it from a 'phisher'?

2005-10-31T13:26:00.000-08:00

The e-mail in my in-box looked official. It had the familiar E-Trade Financial logo across the top. The return e-mail address was a legitimate financial document delivery website. The e-mail informed me that my statement was now available online and that I could click a link embedded in the e-mail and log on.

The problem was the e-mail was not sent by E-Trade. It was a scam.
LA Times

Microsoft takes on spam zombies

2005-10-28T11:38:00.000-07:00

Hoping to turn the tide on spam zombies, Microsoft has filed suit against entities it said used compromised PCs to send millions of junk e-mail messages.

The company has identified 13 different spamming operations that use such "zombies," it said Thursday. A lawsuit was filed against unnamed defendants in August. Since then Microsoft has tracked down some of the people behind the operations, said Tim Cranton, director of Internet Safety Enforcement Programs at Microsoft in Redmond, Wash.
CNET

My adventures in anti-spam

2005-10-24T14:22:00.000-07:00

For 24 hours I was in IT hell. A simple move to stop the onslaught of spam that was overwhelming my inbox turned into a nightmare. I was so gung-ho to increase my productivity by removing the spam that I overlooked some IT basics. Hopefully, you’ll learn from my mistakes.

A few weeks back, fed up with the amount of “enlargement” messages I was receiving, I purchased Norton Anti-Spam software. I installed it on the computer without reading any of the accompanying literature or studying the support site to see what snafus I might encounter.
Network World

FAQ: Identity fraud uncovered

2005-10-24T14:20:00.000-07:00

How could identity fraudsters get my personal information in the first place?
It depends. Fraud artists can bribe employees of banks or credit card companies who have access to confidential records, or they can pose as an employer or landlord to get a copy of your credit report, or simply steal a wallet, purse or your mail. One of the most common ways that information is snatched is through lost credit cards. All of those techniques are more frequent than any methods using the Internet.
CNET

Hackers, Scammers Hide Malicious JavaScript On Web Sites

2005-10-21T12:04:00.000-07:00

Hackers and scammers have suddenly turned to a new technique to hide malicious JavaScript on compromised or criminal sites, a security researcher said Thursday.

According to Dan Hubbard, the senior director of security and research at Websense, a family of obfuscation routines with the umbrella name of "JS/Wonka" has spread wildly in the last few weeks.
CRN

Marketing Group Requires Members To Adopt E-Mail Authentication Systems

2005-10-19T11:24:00.000-07:00

The idea is to protect both consumers--who will know the e-mail offer comes from a 'trusted source'--and the vendors' brands from illegal use.

The Direct Marketing Association (DMA) today said it will begin requiring its member companies-who represent some of the nation's largest and best-known consumer brands-to adopt e-mail authentication systems that help verify the authenticity of legitimate commercial e-mail messages.
InformationWeek

E-mail claiming to contain Version 1.4 of Skype's VoIP software contains variant of IRCbot Trojan horse

2005-10-19T11:21:00.000-07:00

After making a big splash in the news through its $2.6 billion deal with eBay, Skype Technologies (Profile, Products, Articles) can't be happy about a malicious Trojan horse that is circulating as an e-mail attachment and purports to be the newest release of the company's Internet telephone software.

The e-mail, claiming to contain version 1.4 of Skype's VoIP (voice over Internet Protocol) software client, contains a variant of the IRCbot Trojan horse, according to MessageLabs (Profile, Products, Articles) Ltd., which issued a warning earlier this week after detecting and blocking hundreds of copies of the new variant.
InfoWorld

Calif. gov. signs law to punish 'phishing' scams

2005-10-03T16:19:00.000-07:00

California Gov. Arnold Schwarzenegger signed a bill on Friday making Internet "phishing" identity theft scams punishable by law.

The bill, advanced by state Sen. Kevin Murray, is the first of its kind in the United States and makes "phishing"--getting people to divulge personal information via e-mail by representing oneself as a business without the approval or authority of the business -- a civil violation. Victims may seek to recover actual damages or $500,000 for each violation, depending upon which is greater.
News.com

Spam Rate Declines As Volume Increases

2005-09-23T11:55:00.000-07:00

Spam's slice of the e-mail pie has dropped by 12 percent so far this year, indicating that defensive strategies and technologies, and perhaps high-profile prosecutions of big-time spammers are having an affect, a message filtering firm announced Thursday.

Through August 2005, said Denver-based MX Logic, spam accounted for an average of 67 percent of the messages run through the company's filters. At the same point in 2004, spam accounted for an average of 76 percent of all mail.

Governor signs bills on identity theft, military families

2005-09-23T11:50:00.000-07:00

Gov. Arnold Schwarzenegger signed legislation Thursday that increases the penalty for e-mail spam, bolsters identity theft laws and helps families of active military members.

IDENTITY THEFT: Sending unsolicited commercial e-mails -- known as spam -- in violation of California's anti-spam law will now be a misdemeanor, punishable by fine of up to $1,000 or up to six months in county jail. The anti-spam law took effect last year, but this legislation, by Sen. Kevin Murray, D-Los Angeles, adds the punishment element.
San Jose Mercury

EarthLink lands a win in phishing suit

2005-09-22T11:44:00.000-07:00

EarthLink can't be held liable for incorrectly identifying the Web site of a legitimate bank as a fraudulent attempt to snatch customers' identities, a federal judge has ruled.

U.S. District Judge John Shabaz in Wisconsin has tossed out a case that Associated Bank-Corp. brought against the Internet service provider in April claiming negligence and injury to its business reputation.

EarthLink had warned its customers who installed a free "ScamBlocker" toolbar--and visited AssociatedBank.com--that the Web site was "potentially fraudulent" and said that they should "not continue to this potentially risky site."
CNET

Imagine Widespread Anti-Phishing Use

2005-09-20T09:50:00.000-07:00

Opinion: There are many anti-phishing tools for Windows, but they're all small-timers. That all changes with Internet Explorer 7.

Jaded old jerks like me who are skeptical of everything don't need anti-phishing software. I don't trust anyone, let alone some vendor sending me an e-mail. But anti-phishing software is definitely a good thing, and I have high hopes for it.
eWeek

After the Storm, the Swindlers

2005-09-08T11:49:00.000-07:00

Even as millions of Americans rally to make donations to the victims of Hurricane Katrina, the Internet is brimming with swindles, come-ons and opportunistic pandering related to the relief effort in Louisiana, Mississippi and Alabama. And the frauds are more varied and more numerous than in past disasters, according to law enforcement officials and online watchdog groups.

Florida's attorney general has already filed a fraud lawsuit against a man who started one of the earliest networks of Web sites - katrinahelp.com, katrinadonations.com and others - that stated they were collecting donations for storm victims.

In Missouri, a much wider constellation of Internet sites - with names like parishdonations.com and katrinafamilies.com - displayed pictures of the flood-ravaged South and drove traffic to a single site, InternetDonations.org, a nonprofit entity with apparent links to white separatist groups.
New York Times