Clinton, Obama and McCain peddling Viagra online?

Spammers are exploiting the buzz generated by U.S. presidential primaries as a new tactic to attract computer users that might be itching for their “campaign fix”, according to a recent report from security software firm Symantec Corp.

The new spam campaign has made unwilling sales representatives of Democrat rivals Clinton, Barak Obama, Republican stalwart John McCain, according to the monthly The State of Spam report from Symantec Corp.

The candidates’ names are being used to dupe people into giving up personal information, buy drugs such as Viagra or get involve in pump-an-dump stock schemes, the report said.

“Spammers, it seems are getting a lot smarter and turning to issues or individuals tied to current events,” said Doug Bowers, senior director of anti-spam engineering at Symantec.

In February, spammers circulated a bogus link to Clinton videos cloaking a malicious Trojan. URLs containing the former first lady’s name have also been used in porn and Viagra spam, said the report

Consider the following e-mail subject headings using Clinton’s name as bait:

Subject: Hilary Clinton’s campaign yesterday struggled to convince Democrats she can deliver strong wins.

Subject: Hilary Clinton stood up for daughter!!!

Spammers, in this case, have cleverly taken the election mania and gossip angles to make sure that all bases are covered.

Symantec said the messages link to a suspect file, “mpg.exe.” which is a Trojan downloader. Once the Trojan is installed in a victim’s machine, it works at the kernel level to send spam.

Another message tracked by Symantec has the subject heading: Obama said that…

The e-mail is actually linked to a page for a work-from-home get rich scheme.

Spam volume has steadied at 78.5 per cent of all e-mail for the past two months, according to the report.

The figure indicates an increase from 61 per cent recorded for the first half of 2007.

Spam levels typically stabilize after the Christmas Holiday shopping season when spam campaigns usually reach their peak.

Even opening a single message can provide a spammer the opportunity to send hundreds of thousands of messages through an organization’s network, according to Peter Firstbrook, research director at analyst firm Gartner Inc.

The deluge can bog down a network to a screeching halt.

“What you need is a something that can stop these things before they come to your network,” Firstbrook said.

He said some security companies deploy hundreds of so-called nodes to attract spam e-mail. The system then identifies the Internet Protocol (IP) addresses sending the spam and block out future transmissions from the site.

For years, Internet black lists and e-mail filters have been used to combat spam, but Garth Bruen, who runs an anti-spam volunteer project, believes the key lies in getting Internet service providers to shut down spam sites in their area.

“What you want to do is report spam sites and make if difficult for these people to exist on the Net and do their transactions,” he said.

In Canada, the federal government has even created an anti-spam task force to combat junk e-mail and illegal marketers.

Businesses must never rely on a single solution to deal with spam, said Bowers.

“The best approach is to deploy a multi-layered security system,” he said.

Companies should use anti-spam tools that weed out spam messages by both analyzing the content and structure of the message as well as determining the reputation of the message’s originating IP address, Bower said.

Reputation-based systems determine whether the source of the message is a potential spam source while content and structure analysis is vital because spammers use audio files, images and PDF documents to cloak their messages, he said.

The Symantec report also said health related spam continues to make up for the majority of unsolicited junk mail. Pharmaceuticals, medical treatments and herbal remedies make up 38 per cent of all spam – a 30 per cent increase since November last year.

Internet spam accounts for 13 per cent, product spam is 15 per cent while financial spam took a dive from 26 per cent last year to seven per cent.

Comment: edit@itworldcanada.com

Share on LinkedIn Share with Google+