As if John McCain’s selection of neophyte Alaskan Governor Sarah Palin to fill the second half of the Republican Party’s presidential bill wasn’t sensational enough, spammers proclaimed Paris Hilton as the unlikely running mate.
Aside from proclaiming ridiculous and false news in August, spammers were hard at work, trying their best to spread malware to Inboxes everywhere.
Their favoured method to lure e-mail recipients into clicking on sinister links was to refer to Internet-related goods and services, according to Cupertino, Calif.-based Symantec Corp.
The security vendor released its State of Spam report, covering the spam-o-sphere for the month of August. More than one-quarter of all spam messages referred to online services, an increase of nine per cent since June.
“It just really came home to us this month,” says Dermot Harnett, editor of the monthly spam report at Symantec. “This is such a big increase, it is just shocking, it’s a huge percentage increase.”
Normally, not much changes in the spam world. But spammers have been putting effort into this new category of attack message, and it comes as a wake-up call, the security analyst says.
Spammers are trying to get around spam filters by linking to malware instead of attaching it to a message, the report says. That trend explains the rise in the number of messages referring to online services.
Overall, spam seems to hit a ceiling by accounting for eight out of every 10 e-mail messages. That statistic has been static for the last several months, but is higher than the 71 per cent of all e-mail one year ago.
“It’s a huge number,” Harnett says. “For it to increase much more, spammers would have to put a lot more effort into it.”
Here’s five messages that spammers thought might just slip past anti-spam filters and entice the recipients into installing a piece of malware.
McCain’s unlikely running mate
A spam message with a subject proclaiming “Breaking News… McCain Chooses Paris Hilton as Running Mate” was pushed to many Inboxes last month. The message included a picture of the heiress to the Hilton fortune and a link promising more details.
The message was well-timed, just before the Republican Party was to name the vice-presidential candidate to accompany John McCain in his bid for the White House this November. Guessing who the running-mate might be was a common discussion across the U.S.
“People were talking about it around the water cooler,” Hartnett says. “It also played off of some other recent events on the Internet.”
An ad by McCain’s campaign characterizing opponent Barack Obama as a celebrity that was unfit to be president included footage of Hilton. She responded with a mock video, declaring her policy plans if she were elected to run the world’s most powerful country.
But those who clicked on the link to read about the sensational news were sorely disappointed.
“If you followed the link in this message, it would try to download a piece of malware,” Hartnett says.
Media under fire in Georgia
Several spam messages sought to take advantage of the Russia-Georgia conflict last month. A big story in the world news media, spammers hoped it would lure in some e-mail recipients.
One subject line declared “Journalists Shot in Georgia.” The message contained an attachment that is said to be a photo of journalists being fired at, but is really just malware.
Spammers were once again trying to take advantage of a real world situation. A video of a reporter that was nicked by crossfire while reporting from Georgia was made popular in August. Georgian reporter Tamara Urushadze continued her reportage after her left arm was grazed by a bullet.
Using news stories to spread malware has become a standard trick for spammers, Hartnett says. August examples of this also include the U.S. election and the Olympics.
“If spammers feel that if they have a slight chance of getting a message through by using a recent news headline, they’ll do it,” he says.
Seeking jobs, finding malware
The recent economic downturn in the U.S. means there are a few more people searching for jobs on the Internet. Usually the worse e-mail those job seekers will receive is a rejection letter, but in this case it was infectious malware.
A message purporting to offer a part-time position with many lucrative benefits turned out to be a hoax, Hartnett says. Users who clicked on a link were taken to a .exe download that infected their computers.
It’s another example of linking to malware in spam, instead of attaching it.
“It’s like a cat and mouse game,” the security analyst says. “They’ll try anything to get around the filters.”
Prevent hoaxes – install malware
Employees at a financial institution fell prey to what Symantec is dubbing a “threat trifecta” – a phishing spam message that contained a malware attachment. That’s a lot of threats in one message.
The hoax message informed employees that a new security measure was being introduced by the financial institution. It urged recipients to download the attached program immediately to ensure protection.
“Any program you try to download to protect yourself, make sure it’s not malware itself,” Hartnett advises. In this case, the program downloaded was malicious.
