spam

An online scam scheme sends junk email messages telling people that a hotel has mistakenly charged their credit card with a wrong payment. The result of being victimized is an infected PC.

According to reports the messages appeared on the net in recent days and so far there are hundreds of versions already. The main theme is: A hotel wrongly charged a credit card number and the victim is supposed to fill out an attached form to process the refund.

Osama bin Laden’s death is widely used today by hackers to lure unwitting people into installing malware. The tricks work because people want to see the photos of a dead Al Qaeda leader, but the alleged pictures of bin Laden’s corps are in fact malicious, warned the FBI.

"It's not really surprising," said Mikko Hypponen, the chief research officer of Helsinki-based F-Secure. "We were expecting to see related malware."

New malware is circulating on the Internet that infects Mac machines and tries to trick users into giving away their credit card data. According to Intego the malicious app called MacDefender hides on some webpages that use search engine optimization to spam the results of popular searches. On such infected websites users can see animation of a malware scam followed by a pop-up message telling users that their computer is infected. JavaScript on the page then automatically downloads a compressed ZIP file containing the malware.

Since March when Microsoft in association with the U.S. Federal Marshal service and security firm FireEye shut down the Rustock botnet the number of email messages with malicious links increased significantly. While the shutdown resulted in a sharp decline of spam messages it provoked great lack of zombie machines thus prompting perpetrators to send more malicious messages.

Spam tweets that offer links to a sex dating service were recently sent by an official Twitter account, according to the finding of security researchers.

The source code for the infamous ZeuS toolkit is being offered by some cyber criminal through the underground forums on the Internet.

Nicknamed IOO the supposed seller provided proof of having the code by placing some screenshots of the source code portions. The sale is offered to be discussed vie either ICQ or Jabber. Any escrow payment is accepted.

The screenshots make reference to peinfector.cpp, a project of ZeuS known as "Murofet". While security researchers cannot verify if the sale is genuine they are taking the potential offer seriously.

According to a research conducted by a security group Firefox and Chrome browsers cannot detect new phishing attacks that targeted recently customers of Bank of America and PayPal. The phishing scam manages to bypass fraud protections built in to the Mozilla Firefox and Google Chrome by attaching an HTML file to the spam email.

Cyber crooks unsurprisingly pounced on the tragedy in Japan using earthquake and tsunami reports for their own venal purposes. According to the reports by security researchers scams come ranging from links to fake anti-virus downloads and phony donation sites to classic online swindles that rely on greed.

Instead of sending heavy spam traffic cyber crooks now use targeted attacks via social networks like Facebook and LinkedIn, according to the report made by Cisco security executive Tom Grills.

"2010 was the first year spam volumes went down," Gillis said during an onstage interview at DEMO Spring 2011. "Does that mean spam is less of a problem? No."

Now spammers view Facebook and other social networking websites as more effective tool to launch attacks targeted at certain companies or people.

A security vendor Symantec found that Internationalized Domain Names that include Arabic, Chinese and Russian characters, among others, are increasingly gaining popularity among spammers who use them as a home for penis pill websites.

The availability of such characters gave a new opportunity for spammers to establish spamvertized portals. Symantec intercepted one German language spam message that uses a URL shortening service to redirect to an IDN domain.

According to separate studies a great number of users still remain infected with PC malware even though their machines have security protections such as anti-virus software.

One study by European Union statistics agency EUROSTAT shows that 31% of PC users had malicious software in spite of the fact that 84% of users were running security apps including anti-virus, anti-spam and firewall. Besides, 3% of respondents also reported financial losses because of farming or phishing attacks, while a further 4 per cent reported privacy violations involving data sent online.

Hotmail service adds more features that will allow users to have disposable email addresses. Microsoft is now making it even easier for users to redirect their mail to existing primary address. While Hotmail users can already avail of add a +sign and a word to the first part of their email address to create a sub-address, under new rules people will be able to add up to five new email addresses per year. Messages will be sent to a folder within your primary email.

According to reports from Last Line security firm researchers have taken a closer insight into the inside of the renewed Waledac botnet and found that the Storm botnet successor contain passwords for almost 500,000 Pop3 email accounts, allowing spam to be sent through SMTP servers. Waledac masterminds hijack legitimate email servers and evade IP-based blacklisting techniques that many spam filters use to weed out junk messages.

The United States retained its top position in the "Dirty Dozen" list of spam relaying nations compiled by security firm Sophos.

"Traditional subject matter such as adverts for pharmaceuticals continue to be a concern, with some 36 million Americans reported to purchase drugs from unlicensed online sellers--but more and more messages are spreading malware and are attempting to phish user names, passwords and personal information," Sophos said in a statement.

After a ‘temporary peace’ given for the time of the festive days spam volumes returned to their normal levels doubling over just 24 hours globally. As reported by MessageLabs the Rustock botnet is now out of hibernation and working at its full capacity sending tons of useless junk mail messages from hundreds of thousands of compromised Windows machines.