Spam threat: Anatomy of a phishing spam scam
Wednesday, October 7, 2009
Email security depends not only on the success of anti-spam filters and firewall defenses, but on the ability of users to detect fraud and scams. After a wave of phishing attacks hit Hotmail and other webmail users, experts said educating users is vital.
Phishing attacks rely on spoofing or imitating legitimate companies and services to encourage users to give up their personal information, such as bank accounts or email passwords.
Neowin.net, which reported that 20,000 Hotmail account passwords were leaked to a website last week, found an example of a spam email that claimed to be from Microsoft telling recipients to reconfigure their Windows Live Hotmail account.
The spam email used the Microsoft logo and told potential victims to "follow these steps to complete the setup of your account." Users would be directed to a website designed to steal their password.
Phishing scams also target users of social networks like Twitter and Facebook. Once a scammer has scammed a user into divulging their login credentials, the scammer can take over their account for sending out spam messages to snag other users.
One trick used by phishing scammers uses hijacked social networking accounts to spam their list of contacts. Users who think they are receiving a message from a "friend" may be scammed into giving up their account information.
Related News:
Social networking games profting from malware, moving to iPhone - 3.15.2010
Games like Farmville and Mafia Wars have become increasingly popular on popular social networking sites like Facebook. For users who pay for the service, the threat of malware and spam is minimal. However, those who provide contact information and fill out surveys in exchange for points in the games open themselves up to scareware, spam and other problems.
Web security breaches rock Hotmail - 3.12.2010
Users of Microsoft's free email service are advised by the Redmond, Washington-based software giant to change their passwords and be vigilant as an increase in spam activity on the site has led to web security breaches.
Spam won't go away, but it can be avoided - 3.10.2010
Email filtering works to an extent in ridding computers of spam, but those pesky emails offering millions of dollars for nothing and inexpensive prescription drugs always seem to find a way through even the most stringent filters.
Spammer arrested on extortion charges - 3.9.2010
A California man was arrested and charged with extortion following a threat he made to insurance company New York Life to send spam emails aimed at hurting the company's reputation. Anthony Digati of Chino, California also planned to send spam to the company in hopes of receiving $200,000.
Email filtering recommended as Spamhaus releases spam blacklist - 3.2.2010
Spamhaus, a spam tracking website, has released a list of the worst offenders by domain named currently operating on the web on its domain block list. Aside from being a nuisance, spam is one of the easiest ways for cyber criminals to compromise web security.
|
