Donbot spam combining functionality of Facebook, Twitter
Monday, November 23, 2009
Email security is under threat once again by a sophisticated, widespread new malicious spam campaign, according to experts at MessageLabs. The holiday-themed messages seem to emanate from a pair of known botnets, Rustock and Donbot.
The scams are of the traditional "get rich quick" variety, offering unsuspecting victims the opportunity to participate in a program that could make them millions of dollars for little effort - after paying the introductory fees, of course. The messages circumvent spam blockers by linking to Twitter pages or Facebook profiles, thereby appearing to be of legitimate provenance.
Both the Twitter and Facebook variations of the scam rely on the good reputation of the social networks for viability, disguising malicious links as images sent in the body of the spam message. Additionally, many link signature verification services recognize Twitter and Facebook as "trusted sources," enabling unrestricted delivery of content sent from either site.
The Tech Herald cites MessageLabs experts as warning users not to accept any kind of "introductory fee" for any service, be it employment, investment or other.
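
As an added example (not from MessageLabs or the original article), the following Python code shows a filter-side check for the pattern described above: image-wrapped links that point at a social network host are held for content review instead of being delivered on domain reputation alone. The host list, function names and sample message are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: hosts a reputation-based filter treats as trusted sources.
REPUTABLE_HOSTS = {"twitter.com", "facebook.com"}

class ImageLinkParser(HTMLParser):
    """Collect the href of every <a> element that wraps an <img>."""

    def __init__(self):
        super().__init__()
        self._open_hrefs = []   # hrefs of the <a> tags currently open
        self.image_links = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._open_hrefs.append(dict(attrs).get("href") or "")
        elif tag == "img" and self._open_hrefs and self._open_hrefs[-1]:
            self.image_links.append(self._open_hrefs[-1])

    def handle_endtag(self, tag):
        if tag == "a" and self._open_hrefs:
            self._open_hrefs.pop()

def on_reputable_host(url):
    """True only for the listed hosts and their subdomains, not lookalikes."""
    host = (urlparse(url).hostname or "").lower()
    return any(host == d or host.endswith("." + d) for d in REPUTABLE_HOSTS)

def links_needing_review(html_body):
    """Image-wrapped links that a domain allowlist alone would wave through."""
    parser = ImageLinkParser()
    parser.feed(html_body)
    return [u for u in parser.image_links if on_reputable_host(u)]

# Constructed sample message body (not taken from the campaign).
SAMPLE = """
<p>Holiday offer inside</p>
<a href="http://twitter.com/example_profile"><img src="offer.jpg"></a>
<a href="http://www.facebook.com/profile.php?id=0"><img src="cid:promo"/></a>
<a href="http://twitter.com.example.invalid/x"><img src="a.gif"></a>
<a href="http://facebook.com/help">Help</a>
"""

if __name__ == "__main__":
    for link in links_needing_review(SAMPLE):
        print("hold for content review:", link)
```

The lookalike host and the plain text link in the sample are not returned: the first is not actually on a reputable host, and the second is not disguised as an image.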
