KUALA LUMPUR, Malaysia – May 13, 2008 –Symantec Corporation (Nasdaq: SYMC) today announced the emergence of a new type of Instant Messaging (IM) spam, further exploitation of trusted brands, as well as the reemergence of spear phishing in its May 2008 State of Spam report. These are some strong indications that there are no signs of spam slowing down to mark its 30th anniversary at the start of May this year.
Beware of the Spammer Bearing IM Gifts
A new type of IM spam has been detected, which purportedly ‘gifts’ the spammed recipient with the opportunity to scan through their messenger buddy list and highlight who they would like removed from it. The recipient is invited to click on a URL, which notifies them who has blocked their name on instant messenger, which then asks the recipient to provide their username and password. An example is provided below:
IM is regularly used for social and increasingly business interactions. A growing number of today’s consumers and businesses are conversing online, rather than over the phone or in person. However, the most interesting aspect of this type of spam is the theft of usernames and passwords, as many people use the same username and password across the Internet.
Spammers “Google” the Google Brand
For some time, spammers have used reputable brands to try and deliver spam and phishing messages to end-users. Symantec’s Internet Security Threat Report Volume XIII (ISTR XIII) also found that attackers are now focused on targeting sites that are likely to be trusted by end users. This time, they have targeted Google.
In April 2008, phishing emails purporting to come from the Google AdWords service have emerged. Google AdWords is a service that allows advertisers to intelligibly connect with individuals who search using Google. In the Google AdWords phishing samples that have emerged, the end-user is encouraged to click on a link to update their billing information and/or renew their account. The link in these phishing emails leads to a fraudulent website where personal information is requested and harvested.
As security companies and the Internet community pay more attention to the reputation of websites and email senders, spammers are doing their best to hide behind well-established and reputable brands.
Spear Phishing for a Subpoena
While spear phishing is not particularly new, it is a trend that has gained some prominence recently. Spear phishing is different than other types of phishing attacks because it targets specific people and organizations.
In a recent example observed by Symantec in April 2008, certain organizations received a spear phishing attack that claimed to come from a United States District Court, requesting that the recipient appear in court to testify before a jury. A fraudulent link in the email instructed the recipient to: “Please download the entire document on this matter (follow this link) and print it for your record.” However, if the recipient attempted to download the document they also installed a keystroke logging trojan.
Throughout April 2008, 80% of all email was spam, with that number jumping as high as 87% at times. There was also a drop in levels of NDR (non-delivery report) spam, which seems to indicate that spammers were playing with the viability of this technique. These findings illustrate the lengths spammers are willing to go to spread their messages.“Nowadays, spam is no longer merely a time-consuming irritant but rather a threat, blended with malicious threats such as viruses, worms, spyware and phishing scams,” said CM Woon, general manager, Malaysia, Symantec Corporation. “With attackers continuously attempting to trick users into giving up personal and financial information, having a good Internet security solution in place is more important than ever.”
In order to minimize online threats, users are advised to exercise caution during their online interactions, and install security software to help prevent spam from reaching their inbox and reduce the risk of navigating to fraudulent web sites.
A full copy of the May State of Spam report can be downloaded here.
.JPG)
No comments:
Post a Comment