07 Nov: Gaddafi’s death in spam (Maria)
13 Sep: New spam sources in the making (Maria)
07 Sep: SQL for dummies (Natalia Zablotskaya)
24 Mar: Lab Matters - The State of Spam (Ryan Naraine)
21 Dec: The 12 scams of Christmas (David)
15 Nov: Phishing on the rise (Aleks)
“Nigerian” spammers are extremely quick to react to the world’s hottest news stories. News of the death of former Libyan leader Muammar Gaddafi had barely even broken before a string of emails from the “relatives of the deceased” began to appear.
Gaddafi’s inconsolable relatives would be amazed if they knew how many emails had been sent in their name to Internet users around the world.
Instead of joining in the funeral rites, it looks like Gaddafi’s sons and daughters, or his wife, his brothers or even friends, have rushed straight to their PCs to write to people all over the world asking for help in spiriting uncountable millions of dollars out of the country.
According to the “Nigerians”, the family of the Libyan leader is worth hundreds of millions of dollars. The emails which fell into my hands cited a minimum figure of $300 million.
Most of these emails purport to come from “Gaddafi’s wife”. The spammers seem to think their heart-rending stories about her hard life in her husband’s family could explain her sudden desire to share his money with her close friends. Or even with distant strangers, depending on the recipient of the email.
She’s not alone, though: an unlikely coalition of “opposition forces”, “lawyers” and “bank clerks who have access to Gaddafi’s accounts” also share the general desire to transfer the Colonel’s money abroad.
“Nigerian” spam is, of course, pure fraud. None of Gaddafi’s wives or even his lawyers will ever send emails to someone they do not know asking for help in getting millions of dollars out of the country and offering an unknown agent the commission for doing so. If a user takes the bait the fraudsters will extort money from him to allegedly cover different “expenses” until no more money is left. One should be realistic about the many offers received via the Internet from an unverified source calling himself Colonel Gaddafi’s son (ALL OF A SUDDEN!).
Below are the screenshots of several “Nigerian letters” sent on behalf of Gaddafi’s family:
Analysis
Blog
After the Pushdo/Cutwail, Bredolab and Rustock botnets were taken offline, the geography of spam sources underwent some major changes. In particular, from September 2010 the US, for a long time the leading spam distributor, began to lose ground. For several months now it hasn’t even made it into the Top 10 leading sources of spam and only occasionally appears at the bottom of the Top 20.
The US and some European countries have been replaced by Asian and Latin American countries. The cybercriminals have clearly established new bases for distributing spam with eight of July’s top 10 spam sources located in Asia and Latin America.
Analysis
In their attempts to bypass e-mail filtering systems and deliver their information to users, spammers often resort to all sorts of tricks. Although really new tricks (such as distributing mp3 files with voice-generated messages) are relatively uncommon, sometimes they do come up.
Kaspersky Lab analysts have recently come across a few curious samples. While masking text with noise is nothing out of the ordinary, the links were arranged in a rather unusual way.

The trick itself turned out to be rather simple and has been relatively harmless so far: a URL in the message is a request to a website that is vulnerable to SQL injection. The code yields one string, which is a spam link (in this case, a typical pharmacy ad). This is where the browser is redirected – naturally, if the original site allows such code to be executed.
Some instances we encountered during a week of observations demonstrate that, following the large-scale LizaMoon SQL injection attack, many website owners took relevant security measures, and finding suitable “donors” on a mass scale was not that simple.
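A mail-filter heuristic for the trick described above, as an added example that is not Kaspersky Lab's code: it pulls URLs out of a message body and flags those whose query string, once decoded, contains SQL syntax. The indicator patterns, function names and the sample message (all `.example` hosts) are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote_plus

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)

# Heuristic indicators, assumed for this example; not an exhaustive ruleset.
INDICATORS = {
    "union_select": re.compile(r"\bunion\s+(all\s+)?select\b"),
    "sql_function": re.compile(r"\b(concat|char|cast|convert)\s*\("),
    "hex_literal": re.compile(r"\b0x[0-9a-f]{16,}\b"),
}

def normalise(query: str) -> str:
    """Undo up to two layers of percent-encoding, strip SQL comments, fold case."""
    for _ in range(2):
        query = unquote_plus(query)
    query = re.sub(r"/\*.*?\*/", " ", query)
    return re.sub(r"\s+", " ", query).lower()

def sqli_indicators(url: str) -> list:
    """Return the names of the SQL indicators found in the URL's query string."""
    query = normalise(urlsplit(url).query)
    return sorted(name for name, rx in INDICATORS.items() if rx.search(query))

def flag_message(body: str) -> dict:
    """Map each suspicious URL in a message body to its matched indicators."""
    flagged = {}
    for url in URL_RE.findall(body):
        found = sqli_indicators(url)
        if found:
            flagged[url] = found
    return flagged

# Constructed sample message; hosts and parameters are invented.
SAMPLE_BODY = """\
Ch3ap m3ds t0day:
http://donor.example/item.php?id=1%20UNION%20SELECT%20%27http%3A%2F%2Fpharma.example%2F%27
Unsubscribe: http://news.example/opt-out?user=42&next=http://news.example/bye
http://donor2.example/v.php?id=1%2520union%2F**%2Fall%2520select%25200x687474703a2f2f706861726d61
"""

if __name__ == "__main__":
    for url, found in flag_message(SAMPLE_BODY).items():
        print(found, url)
```

A match is best treated as one scoring signal among others, since legitimate URLs occasionally carry SQL-like text in search parameters.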
Analysis
Blog
The end of 2010 was a rather bad time to be a spammer. Thanks to an industry-wide effort that included botnet takedowns and legal cases, we saw a dramatic shift in the way spammers used unsolicited e-mail to make money. In this Lab Matters webcast, Kaspersky Lab senior spam analyst Maria Namestnikova looks closely at the pharmaceutical spam operations and discusses how spammers are using affiliate programs and rebuilt botnets to recover from last year’s crackdown.
Analysis
Blog
My colleague Tanya has just posted over on our Russian site about losses caused by Internet fraudsters in England and Wales. If you want to practice your Russian, hop over there, and take a look!
Even though we're a Russian company, we know that most people in the UK (including me!) prefer to get their news in English. So here are a few facts and figures:
In a recent statement, the Office of Fair Trading estimated that losses caused by Internet fraud amounted to £14 billion per year. That's a lot of money! It's also a lot of victims!
The OFT statement quotes research carried out by the University of Portsmouth, commissioned by ACPO (Association of Chief Police Officers) and NRA (National Fraud Authority):
The report indicates that many people are reluctant to report fraud of this kind - because they're ashamed, embarrassed, angry or simply confused.
The first thing to remember is that you should be very, very wary of 'get-rich-quick' schemes: if something looks too good to be true, it almost certainly is! Please don't hand over money to complete strangers and avoid disclosing any personal information unless you know exactly who you're dealing with. The NRA gives a helpful list of the '12 scams of Christmas' so if you're in any doubt, check this list out.
If you do fall victim to an Internet scam, please do report it - you can do that here. Nobody's going to judge you - on the contrary, the more reports are made, the better we can quantify the threat! Remember, we can't begin to really manage the problem of Internet fraud and cybercrime unless we can measure it effectively.
Analysis
Over the past week we saw more and more phishing emails every day. A major European ISP told us that within 24 hours they scanned 16 million messages and 268,000 were phishing scams. And this wasn't one scam - there were many different messages targeting companies including Citibank, US Bank, eBay, PayPal and SunTrust.
Possibly, the recent outbreaks by Bagle.at and Bagle.au supported this flood, since these Bagles created new bot networks for spammer use.
On the other hand, the computer underground may be taking revenge for the successful arrests of fellow cyber criminals over the past several months around the globe.
We are monitoring the situation, but do caution users to be extra careful about answering emails from financial institutions.
Analysis
Blog