Spammers up to new and old tricks: report
Last Updated: Tuesday, April 3, 2007 | 2:16 PM ET
CBC News
Related
Internal Links
E-mail spam purveyors are using both new and old techniques to sell people goods or trick them with fraud, phishing and other scams, according to a new report.
In a bid to evade anti-spam software, the spammers are starting to break up the universal resource locator (URL) links to websites with quotation marks, Symantec Corp. said in its monthly spam report for April, released Tuesday.
"Spammers have always experimented with methods to try and evade URL filtering techniques and this seems to be another example of this," according to the report.
Non-English messages rising
The unsolicited messages are also increasingly being sent out in languages other than English, reaching people who may not previously have acted on an English-language spam e-mail.
The security software company cited European languages such as German, French and Italian, noting that the example of a casino spam message used was responsible for 70 per cent of all non-English spam attacks at its peak.
The volume of image spam is still "volatile" and closed out March at a rate of 37 per cent of all spam messages observed by the Symantec Probe Network, the report stated. The messages — which convey their message as an image to evade text-based detection and filtering — are also using European languages in an effort to slip past filters designed to detect image spam, Symantec said.
"Where once we saw random excepts from Harry Potter books included at the bottom of image spam, a new spam technique is emerging where the spammer is now using Russian and German text," the report stated.
Old trick returns
One older technique that has seen a resurgence in use among phishers is to hide the URL or internet address of a link displayed in a web browser's status bar.
| JARGON |
|---|
|
BOTNETS are networks of computers that have been hijacked by malicious groups or individuals to do their bidding. Their owners are usually unwitting victims who have no idea their machines have been infected and turned into so-called zombies. The zombie computers are typically used to distribute spam or phishing e-mails, or viruses and Trojans that let them hijack other computers. Botnet operators often rent time or bandwidth on their networks to spam e-mail marketers and phishing scam artists. MALWARE is a catch-all term for malicious software such as computer viruses, spyware and so on that compromise the security or function of people's computers. PHISHING is a technique in which criminals try to trick people into disclosing sensitive information such as online banking names and passwords and is often conducted through e-mails. PHARMING is an attack in which malicious individuals try to redirect traffic from one website to a false one. SPAM is a catch-all term for unsolicited or unwanted e-mail messages. It generally refers to e-mails that tout products or try to lure people into phishing scams or malware infection attempts. The messages are often distributed by botnets that employ zombie computers that may have been infected through a spam message. TROJANS are programs that appear to perform one function in order to hide a malicious one. Like the mythological Trojan horse such programs are named after, the deception tricks people into granting them access to a computer. ZOMBIES are computers that have been hijacked by attackers to perform commands and functions issued to them, often without the owners' knowledge. They are typically infected by Trojans that enable attackers to use them in a botnet. An infected computer is sometimes referred to as a bot — short for robot. |
Usually, when a person positions their mouse pointer over a link, the address is displayed in the status bar at the bottom of the browser window. Phishers used to get around this feature by using JavaScript to display one URL in the status bar while the link would actually open a different address once someone clicked on it. Because most e-mail programs' default setting is to prevent Javascript from being executed, that technique would not work.
Now, spammers have found a way to display a false URL in the status bar without using JavaScript, Symantec said: "The message replaces the text in the status bar with the expected legitimate URL."
Clicking on the link would show in the address input area that the URL is a fraudulent one, but it would also expose people to a potentially malicious website and possibly result in the computer becoming infected with a virus or other malware, so that is not a recommended detection technique, Symantec said.
Spam levels were relatively stable in March, accounting for about 65 per cent of e-mails sent, the report stated.
Share Tools
Top News Headlines
- Everest victim's husband says family not seeking government help
- The husband of a Toronto woman who died trying to climb Mt. Everest on Saturday says his family is not seeking government help to cover the cost of bringing his wife's body home. more »
- B.C. premier unhappy with disgraced Mountie's transfer
- B.C. Premier Christy Clark says she is not happy with the RCMP decision to transfer a disgraced Alberta Mountie to the West Coast. more »
- Henrique's OT goal sends Devils into Stanley Cup final
- The New Jersey Devils will vie for a potential fourth Stanley Cup in franchise history after defeating the New York Rangers in six games in the Eastern final, courtesy of rookie Adam Henrique's goal early in overtime. more »
- Employment Insurance review boards to be scrapped
- The federal government is scrapping two review boards used by people appealing decisions made about their employment insurance. more »
Latest Technology & Science News Headlines
- Unloading of docked SpaceX capsule to start Saturday
- The privately bankrolled SpaceX Dragon capsule made a historic arrival at the International Space Station on Friday, and astronauts will begin unloading some of the 544 kilograms of food, water, clothing and other supplies its carrying starting Saturday. more »
- South Africa, Australia to share world's largest telescope
- South Africa and Australia will jointly host the Square Kilometre Array, which promises to be the world's largest telescope, the international consortium in charge of the project said Friday. more »
- Bonavista, N.L., 'coyote' was really wolf, tests confirm
- Wolves have not been seen in Newfoundland since around 1930 and were believed to have been hunted to extinction on the island, but genetic tests have confirmed that an 82-pound animal shot on the Bonavista Peninsula in March was, in fact, a wolf. more »
- Once-rare argus butterfly thriving thanks to climate change
- Global warming is threatening the existence of many species, such as the giant polar bear, but in the case of Britain's brown argus butterfly, it took a species in trouble and made it thrive. more »
- Yahoo scraps digital magazine designed for iPad
- Yahoo has killed Livestand, a tablet magazine, just six months after its debut on the iPad. more »
Bob McDonald's Blog
Government to shut down unique fresh water research area May. 25, 2012 12:31 PM The Experimental Lakes Area research facility in Northern Ontario is being closed down after 44 years of providing invaluable data to scientists in Canada and internationally, a decision that has stunned researchers and environmental groups.
Quirks & Quarks
- May 26: Before the Lights Go Out May. 25, 2012 4:15 PM A new book, "Before the Lights Go Out: Conquering the Energy Crisis Before It Conquers Us", suggests that the unpredictable, unplanned, ad-hoc way our energy use developed in the past will shape our energy future.
Latest Features
- Aylmer triple stabbing leads to first-degree murder charges
- Everest victim's husband says family not seeking government help
- B.C. premier unhappy with disgraced Mountie's transfer
- Third B.C. salmon farm quarantined
- What a Greek euro exit could mean for Canada
- RCMP officer charged in fatal crash
- Canada ending 'Buffalo shuffle' for visas, closing consulate
- Reclaiming the dead on Mt. Everest
- Employment Insurance review boards to be scrapped
