Spammers: It Just Keeps Working

Thursday, April 5, 2012 @ 02:04 PM gHale


Spam attacks and malware-laden email campaigns hit systems giving the impression they were from well-known and trusted companies offering promotions for popular products and services.

Victim companies: Google, LinkedIn, Skype and the video game Mass Effect 3.

RELATED STORIES
Rogue AV Lets Victims do Dirty Work
Fake Google Antivirus Circulates
Java Attack Installs Malware in Memory
Stress Testing Web 2.0 Apps

Thinking along the lines of “if it works, keep using it until it doesn’t,” attackers keep going back to tried and true approaches.

“Taking advantage of the notoriety of companies, celebrities and major events is a tactic cybercriminals continue to use because it works,” said Christopher Boyd, senior threat researcher at GFI Software.

“They know that Internet users are bombarded with countless emails every day, and these scammers prey on our curiosity and our reflex-like tendency to click on links and open emails that look like they’re coming from a company we know and trust,” he said.

Google served as the hook for two scams uncovered by GFI in March. One SEO poisoning attack told users that “Google systems” had detected malware on their computer and directed them to download a rogue antivirus application.

Meanwhile, spammers inundated mailboxes with messages containing fake announcements for “Google Pharmacy,” a phony service touted as a “pharmaceutical interface for Google.” The body of the email consisted of a single image rather than text in order to circumvent spam filters. Victims who visited the URL contained in the image spam ended up directed to Pharmacy Express, a site linked to spam attacks since 2004.

Users of social networking site, LinkedIn, received fake invitation reminders redirecting them to a BlackHole exploit and infected their machines with Cridex, a Trojan that has targeted banks, social networks and CAPTCHA tests. Other cyber criminals targeted Skype users with a spam campaign claiming to offer free Skype credit, but instead, directed users to a compromised site hosting malicious Java exploits.

Finally, March saw scams and cybercrime efforts revolving around the launch of Mass Effect 3, one of the most eagerly awaited games of the year so far.

The fake downloads eventually lead users to a myriad of fake surveys and other affiliate marketing scams.

“If something seems off, users should trust their instincts and investigate further,” Boyd said. “The important thing for everyone to remember is that the Internet provides us with the ability to easily double check every link or attachment that we come across with a simple web search. Pay attention to details such as link URLs and scrutinize where they are directing you if there is any doubt. This may sound like common sense, but having this mind set can often be the difference between avoiding a stressful attack and losing valuable time, money and personal information.”



Leave a Reply

You must be logged in to post a comment.