Spammers, cyber criminals who send unwanted and sometimes malicious email to our computers, have stepped-up their technique to avoid our spam filters and reach our email inboxes. According to a recent investigation by Trend Micro (Internet Security) researchers, three main differences in spamming and phishing techniques have surfaced. Phishing is fooling a computer user into clicking on a malware link.
First, there is a recent rise in the use of the Blackhole exploit kit. An exploit kit is a bundled set of malware programs and services for sale or rent to cybercriminals. These exploit kits, in this case spamming and phishing kits, are one of the reasons there are so many malware occurrences. See Cybercrime “Products” For Sale.
Second, “In many cases these messages are identical to the legitimate messages sent by the legitimate organization,” they pointed out. “Sometimes, the only difference between the legitimate version of the email and the phished version is the bad link.
[And third,] The cyber criminals behind these spam runs have demonstrated a strong penchant for impersonating social networking sites (Facebook, LinkedIn, MySpace), e-payment and e-commerce companies (PayPal, eBay), airlines (US Airways, Delta Airlines), financial institutions (AmEX, Citibank, Bank of America) and logistics services companies such as FedEx, UPS, etc.
“The spam runs pose difficulties for traditional antispam methods. Content-based filters, for instance, have a problem with the attacks because these use modified versions of legitimate emails, making detection and blocking more difficult to do,” say the researchers.
The malware payloads delivered to the user’s computer are mostly information stealing malware, for identity theft purposes, and if that isn’t enough, there is banking malware included to help you reduce your bank account balances…to zero. Seriously though, these phishing emails and Facebook posts are very dangerous.
You can help avoid being infected by these malware by:
- Not opening an email from someone you don’t know; and even if you do know the person, question opening it if it’s got an unusual subject, or if you didn’t expect the email
- Not clicking on any link you’re not sure where it’s taking you
- Not “liking” or clicking, or sharing a Facebook link that you aren’t sure about.
- Trust your intuition; if you hesitate, wonder if it’s safe, or just don’t feel right…then don’t click.
- Learn to be distrustful, suspect everything and everybody when using the Internet…it’s not a very friendly place.
Reference: Help Net Security.com
As always, I appreciate your comments on this subject…so please do. And be careful out there…it’s extremely dangerous these days.
Don’t miss an article. If you enter your email address in the Email Subscriptions box on the right column of this page, I’ll send you an email when a new article is posted. I don’t share your email address with anyone…no one; I hate spam too. Please share my site or twitter ID with your friends and family. Thanks.
Home computing is a blast…keep it safe, productive and enjoyable.
lubicp(at)yahoo.com and @paulsinternet on Twitter.