Posts Tagged ‘zombie’

Account Notification – Triple Threats

Tuesday, April 27th, 2010

Now we have an apparent “kitchen sink” Trojan and virus attack where the spammers are throwing multiple attack vectors within the same campaign and are just hoping something sticks.

The emails are sent from a remarkably wide variety of infected mail servers and individual personal computers spanning the globe. They are spoofing everything from completely random email addresses to claiming to come from the recipient’s own email account.

What is consistent within the current campaign now circulating is that they will include your domain in the subject line, followed by the phrase “account notification” such as:

Subject:      yourdomain.com account notification

more »

What is wrong with you people?!

Thursday, April 1st, 2010

According to a recently published Messaging Anti-Abuse Working Group (MAAWG) survey, “half of email users in North America and Western Europe have opened or accessed spam and large proportions, representing tens of millions, have taken action like clicking on links or opening attachments”. Worse yet, nearly half of those did so on purpose “to unsubscribe, out of curiosity, or out of interest in the products or services being offered.”

We have to wonder if these same people would leave the keys in their cars to find out if there are really car thieves or would by a luxury watch from a guy on a street corner?

Probably not, as they would likely see the inherent danger in the physical world. However, in a world where most financial transactions are handled electronically, inviting strangers into your computer is an equally bad idea. more »

Online order for airplane ticket – Virus

Tuesday, March 30th, 2010

It’s back….. the email confirmation (really a Trojan/Virus) for the airline ticket you never purchased is again making the rounds.

The subject line is pretty straightforward:

Online order for airplane ticket N648365

Though the “order number” at the end is randomized in order to try and evade some of the simpler spam filtering systems.

more »

RIP Internet Explorer 6

Thursday, March 4th, 2010

A few weeks ago we posted about Internet Explorer’s most recent vulnerability issue. In that post we noted that IE’s security problems allow millions of computers to be turned into  zombie slaves for spammers and other unsavory elements on the Internet. This week one of the worst offenders in the IE family is being buried in effigy by Denver based design firm Aten Design Group. more »

Viagra Email Sets New Records

Monday, February 8th, 2010

A newer and very popular tactic with “Viagra and Cialis” spammers is to move part of their sales pitch out of the email “Subject” and into the “From” address instead.

This technique takes advantage of the fact that email standards allow for the
“From” address to include both an actual email address <user@domain.com> and also what’s commonly referred to as a “Pretty Address” where the sender can include any name or title they choose.

more »

AOL’s New AIM Instant Messenger Phishing Scam

Friday, January 22nd, 2010

A new Phishing scam is making the rounds, targeting AOL’s Instant Messenger users and attempting to trick them into sharing their AIM login username and passwords.

Emails are currently making the rounds with subject lines like:

  • AOL Instant Messenger critical update
  • The latest update for the AIM
  • AIM critical update
  • Your AIM account will be deleted

more »

Fighting Zombies For Real

Friday, January 22nd, 2010

We fight zombies every day. Really. No, not the George Romero kind. We deal with electronic zombies.

Thanks to the prevalence of “always on” Internet connections and the lack of security precautions on the part of the owners of a large population of computers using these connections, the Internet is crawling with zombies.

They’ll suck out your brains!

Internet zombies are like movie zombies in a few ways:

  • They’re after your brains: Zombies are responsible for a major portion of the mindless in-box pollution known as spam. If they get their teeth into you, you’ll start doing stupid things like buying pharmaceuticals from anonymous internet addresses.
  • They don’t respond to reason: In the movies you can pound on zombies with a baseball bat and they hardly notice it. Similarly, if you reply to email from a zombie it only encourages them.
  • They’re contagious: Besides sending spam zombies also try to recruit other zombies. Once a machine becomes a zombie, the virus animating it will often look through email contacts and network connections available to its host computer in order to find other computers to infect.

more »

Is DHL Delivering Virus Attachments?

Sunday, January 17th, 2010

Shortly after posting about the UPS virus emails, we now see the virus attack campaign has morphed into a DHL version of the same virus attachment routine.

Just in case anyone is confused about the latest round of emails claiming to now be coming from DHL, let’s make it clear that if they contain an EXE and a ZIP attachment then they’re viruses.

Subject lines for this campaign are fairly similar, with a randomized number tacked onto the end to help avoid simplistic spam filters:

more »

Is UPS Delivering Virus Attachments?

Thursday, January 14th, 2010

If you or anyone in your organization is confused about the latest round of emails claiming to be from UPS concerning delivery notices, let’s make it clear that if they contain an EXE and a ZIP attachment then they’re most certainly viruses.

Subject lines for this latest campaign are fairly similar, with a randomized number tacked onto the end to help avoid simplistic spam filters:

more »

New and Aggressive “Settings File” Phishing Campaign

Saturday, January 9th, 2010

Over the last few days we’ve noticed a substantial and high-volume new Phishing attack that is tricking many users into providing their confidential email account login information to spammers at an alarming rate.

What is unique about this new Phishing scam is that it uses enough personalization and randomization to confuse the recipient into believing it might be a legitimate message from the user’s own email administrator.

more »