Spam now accounts for 90.4 percent of all e-mail, according to a report released Monday from security vendor Symantec. This means that 1 out of every 1.1 e-mails is junk. The report also notes that spam shot up 5.1 percent just from April to May.
Symantec's May 2009 MessageLabs Intelligence report reveals other disturbing trends, as well. Rather than just hijack disreputable Web sites, cybercriminals now favor older and well-established domains to host their malware. The report says 84.6 percent of all domains blocked for malicious content are more than a year old. One type of domain now especially vulnerable to threats is social networking, since most of the sites' content is created by users.
"Spammers using better-known and thus more widely trusted Web sites to host malware is reminiscent of the spammers who rely on well-known Web mail and social networking environments to host spam content," said Paul Wood, Symantec's MessageLabs Intelligence senior analyst. "The trustworthy older domains can be compromised through SQL injection attacks while newer sites are more likely to be flagged as suspicious--a temporary site set up with the sole purpose of distributing spam and malware--and thus faster to get shut down."
Where you live also determines when you're spammed, says the report. For people in the U.S., spam hits its peak between 9 a.m. and 10 a.m. and then drops overnight. Europeans get a solid stream of spam throughout the day, while users in Asia-Pacific countries find most spam waiting for them in the morning. One reason for this trend, says the report, is that most spammers are at their busiest during U.S. working hours.
The popular CAPTCHA program, which asks the user to type in a series of random characters, is no longer proving as effective as once hoped. Many Web sites have relied on CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) to ensure that accounts are created by actual human beings.
But criminals have now succeeded in generating profiles with random names, apparently by using automated CAPTCHA breakers. The report notes that some major Web sites are now exploring other ways to block automated accounts, such as using photographic images that a user must analyze.
SOURCE : http://news.cnet.com/8301-1009_3-10249172-83.html
Symantec's May 2009 MessageLabs Intelligence report reveals other disturbing trends, as well. Rather than just hijack disreputable Web sites, cybercriminals now favor older and well-established domains to host their malware. The report says 84.6 percent of all domains blocked for malicious content are more than a year old. One type of domain now especially vulnerable to threats is social networking, since most of the sites' content is created by users.
"Spammers using better-known and thus more widely trusted Web sites to host malware is reminiscent of the spammers who rely on well-known Web mail and social networking environments to host spam content," said Paul Wood, Symantec's MessageLabs Intelligence senior analyst. "The trustworthy older domains can be compromised through SQL injection attacks while newer sites are more likely to be flagged as suspicious--a temporary site set up with the sole purpose of distributing spam and malware--and thus faster to get shut down."
Where you live also determines when you're spammed, says the report. For people in the U.S., spam hits its peak between 9 a.m. and 10 a.m. and then drops overnight. Europeans get a solid stream of spam throughout the day, while users in Asia-Pacific countries find most spam waiting for them in the morning. One reason for this trend, says the report, is that most spammers are at their busiest during U.S. working hours.
The popular CAPTCHA program, which asks the user to type in a series of random characters, is no longer proving as effective as once hoped. Many Web sites have relied on CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) to ensure that accounts are created by actual human beings.
But criminals have now succeeded in generating profiles with random names, apparently by using automated CAPTCHA breakers. The report notes that some major Web sites are now exploring other ways to block automated accounts, such as using photographic images that a user must analyze.
SOURCE : http://news.cnet.com/8301-1009_3-10249172-83.html
Labels: 419 scam, 419 Scam fraud, ATM Scam, email scam, Nigerian Scam, Nigerian Spam, scam, spam
Posted on Wednesday, May 27, 2009
That's the question I posed on Twitter this morning, and I've already seen a number of positive and similar responses. I started to notice a change for the worse about three or four weeks ago. I'm getting pounded with spam in both my personal Gmail account and my GigaOM Google Apps for Domain Inbox. A fair number, perhaps half or more, are in foreign languages, so they're doubly wasted on me: I can't even understand the spam! ;)
I'd love to see some way to "reset" the spam filtering in Gmail for situations like this. Checking Google's Gmail Help section on removing spam tells me that "the more spam you mark, the better our system will get at weeding out those annoying messages." Ironically, I'm finding lately that the exact opposite is happening: I'm marking more and more messages as spam, but getting even more (or at least as many) in return. Back in late 2007, Google reported fairly impressive spam-filtering statistics. I may look around to see if that data has been updated lately.
It's getting so bad that it's taking at least 15 to 30 minutes of my day to mark items as spam in the two accounts. That's simply too much effort. Is it just me and a few other folks on Twitter, or have you noticed this of late as well? I'm still thinking that, like sending a piece of snail-mail, maybe we should be charged a minimal micro-payment for every e-mail we send. Oy!
SOURCE : http://jkontherun.com/2009/05/13/is-gmails-spam-filtering-failing-for-you-too/
I'd love to see some way to "reset" the spam filtering in Gmail for situations like this. Checking Google's Gmail Help section on removing spam tells me that "the more spam you mark, the better our system will get at weeding out those annoying messages." Ironically, I'm finding lately that the exact opposite is happening: I'm marking more and more messages as spam, but getting even more (or at least as many) in return. Back in late 2007, Google reported fairly impressive spam-filtering statistics. I may look around to see if that data has been updated lately.
It's getting so bad that it's taking at least 15 to 30 minutes of my day to mark items as spam in the two accounts. That's simply too much effort. Is it just me and a few other folks on Twitter, or have you noticed this of late as well? I'm still thinking that, like sending a piece of snail-mail, maybe we should be charged a minimal micro-payment for every e-mail we send. Oy!
SOURCE : http://jkontherun.com/2009/05/13/is-gmails-spam-filtering-failing-for-you-too/
Labels: 419 scam, email scam, Nigerian Scam, Nigerian Spam, scam, spam
Posted on Wednesday, May 13, 2009
CBS 2 HD has a warning about using your local ATM. Thieves are installing small skimming devices on area bank machines that can steal your personal account information in a matter of seconds.
The NYPD said Monday the men are part of a sophisticated ring trying to drain money from ATM customers' accounts at Staten Island banks going back to November of 2008. And even more criminals are at work.
Nick McGlynn was almost a victim until he noticed something was wrong with a Chase ATM at 63rd and Broadway.
"It was weird, it was scary," McGlynn said. "I tug on the mirror; it comes right off double-sided tape, a little camera right behind it."
McGlynn also yanked off a card skimmer that mounted right over the card slot. Lance Ulanoff, editor of PC Magazine.com, said the technology is small and inconspicuous.
When asked if the device blends right in and captures all the information, Ulanoff said, "Right and then they put that together with the video they've captured and they have it all."
And can then start emptying your account. A Chase Bank spokesperson said a customer wouldn't have to pay for the withdrawals. But at the Chase in the Kensington section of Brooklyn workers hadn't even heard of the crime and said no one inspects their ATMs daily for any devices. But the crime is happening and high-tech.
"This is organized. This technology is very expensive," Ulanoff said.
So look for a card reader that is loose -- or just comes off. A second or oddly placed mirror on the machine could be a camera and cover your hand as you enter your pin. Also check your online bank statements often.
Authorities say once the thieves duplicate your bank card they withdraw cash in small increments so as not to raise any red flags.
SOURCE : http://wcbstv.com/topstories/atm.scam.nyc.2.1007162.html
The NYPD said Monday the men are part of a sophisticated ring trying to drain money from ATM customers' accounts at Staten Island banks going back to November of 2008. And even more criminals are at work.
Nick McGlynn was almost a victim until he noticed something was wrong with a Chase ATM at 63rd and Broadway.
"It was weird, it was scary," McGlynn said. "I tug on the mirror; it comes right off double-sided tape, a little camera right behind it."
McGlynn also yanked off a card skimmer that mounted right over the card slot. Lance Ulanoff, editor of PC Magazine.com, said the technology is small and inconspicuous.
When asked if the device blends right in and captures all the information, Ulanoff said, "Right and then they put that together with the video they've captured and they have it all."
And can then start emptying your account. A Chase Bank spokesperson said a customer wouldn't have to pay for the withdrawals. But at the Chase in the Kensington section of Brooklyn workers hadn't even heard of the crime and said no one inspects their ATMs daily for any devices. But the crime is happening and high-tech.
"This is organized. This technology is very expensive," Ulanoff said.
So look for a card reader that is loose -- or just comes off. A second or oddly placed mirror on the machine could be a camera and cover your hand as you enter your pin. Also check your online bank statements often.
Authorities say once the thieves duplicate your bank card they withdraw cash in small increments so as not to raise any red flags.
SOURCE : http://wcbstv.com/topstories/atm.scam.nyc.2.1007162.html
Labels: 419 scam, Nigerian Scam, Nigerian Spam, Nigerianspam, spam news
Posted on Tuesday, May 12, 2009
NEW YORK: A staggering 200 billion spam mails are sent every day, clogging your mailbox and possibly slowing down your genuine mail. Time to consider taxing them and raising money for roads and bridges.
According to an estimate, more than 90 percent of all e-mails sent and received around the globe are spam - advertising aphrodisiacs while trying to push virus in your computer or luring you with million dollars out of a Nigerian bank provided you provide your bank account details.
North America is the world leader in the junk mail market with 40 billion of them originating in the US and Canada every day, followed by Britain at 6 billion.
While they are sent free of cost, they come at a cost to the world. They make spam filters necessary, affect productivity and add burden to the increasingly crowded bandwidth, affecting the movement of genuine mail. They also eat up the recipient's time in deleting a score of them daily.
How to stop this menace is a global problem. To this end, Internet service providers (ISPs) have proposed price mechanisms, but users have objected. The Prospect journal has argued for a simple remedy: a very small tax on every e-mail sent.
"Opponents will argue that collecting the tax is impossible or unfair. Yet the status quo is unworkable... A unit tax on e-mail would stop most spam. A peddler sending one million messages a day hawking cross-border pharmaceuticals, for instance, would have to balance the uncertain revenues against the tax cost of 100,000 pounds or $150,000 a week. Trying to con people out of money or their bank password would become a risky gamble," Edward Gottesman argues in the latest issue of the journal.
He says the tax is feasible from the practical point of view too.
"Whether you're using a browser or a client-based e-mail system, every e-mail sent must have both a sender address and a recipient address - each in the form someone@somewhere." This makes all e-mails easily identifiable by ISPs, through which most private Internet traffic is routed.
"As they already impose a monthly charge on users, it would be simple for ISPs to pay the tax and pass it on in the monthly bill to their users. The first 400 or 500 e-mails sent each month can be included in a fixed charge, with the rest charged on top."
The tax will be negligible, on the other hand, for ordinary users who send out, say, 10 or 20 mails a day. That should also deter them from forwarding every joke they receive in e-mail and building chain mails of petitions.
SOURCE : http://economictimes.indiatimes.com/Infotech/Time-to-tax-spam-mails/articleshow/4505633.cms
According to an estimate, more than 90 percent of all e-mails sent and received around the globe are spam - advertising aphrodisiacs while trying to push virus in your computer or luring you with million dollars out of a Nigerian bank provided you provide your bank account details.
North America is the world leader in the junk mail market with 40 billion of them originating in the US and Canada every day, followed by Britain at 6 billion.
While they are sent free of cost, they come at a cost to the world. They make spam filters necessary, affect productivity and add burden to the increasingly crowded bandwidth, affecting the movement of genuine mail. They also eat up the recipient's time in deleting a score of them daily.
How to stop this menace is a global problem. To this end, Internet service providers (ISPs) have proposed price mechanisms, but users have objected. The Prospect journal has argued for a simple remedy: a very small tax on every e-mail sent.
"Opponents will argue that collecting the tax is impossible or unfair. Yet the status quo is unworkable... A unit tax on e-mail would stop most spam. A peddler sending one million messages a day hawking cross-border pharmaceuticals, for instance, would have to balance the uncertain revenues against the tax cost of 100,000 pounds or $150,000 a week. Trying to con people out of money or their bank password would become a risky gamble," Edward Gottesman argues in the latest issue of the journal.
He says the tax is feasible from the practical point of view too.
"Whether you're using a browser or a client-based e-mail system, every e-mail sent must have both a sender address and a recipient address - each in the form someone@somewhere." This makes all e-mails easily identifiable by ISPs, through which most private Internet traffic is routed.
"As they already impose a monthly charge on users, it would be simple for ISPs to pay the tax and pass it on in the monthly bill to their users. The first 400 or 500 e-mails sent each month can be included in a fixed charge, with the rest charged on top."
The tax will be negligible, on the other hand, for ordinary users who send out, say, 10 or 20 mails a day. That should also deter them from forwarding every joke they receive in e-mail and building chain mails of petitions.
SOURCE : http://economictimes.indiatimes.com/Infotech/Time-to-tax-spam-mails/articleshow/4505633.cms
Labels: 419 scam, Nigerian Scam, Nigerian Spam, Nigerianspam, spam news
Posted on Sunday, May 10, 2009
Verizon Wireless is continuing its crackdown on wireless scams with a Tuesday lawsuit against several companies accused of sending unsolicited, mortgage-related text messages.
Verizon filed suit against Pennsylvania-based Money Warehouse, Inc., known as All State Mortgage Lender, and other unnamed companies for allegedly sending 800,000 spam text messages to Verizon Wireless customers and employees beginning in February 2009.
Verizon filed suit in U.S. District Court in Trenton, N.J., accusing the companies of violating the Federal Telephone Consumer Protection Act, which bans the use of an auto-dialer to contact wireless customers.
"At a time when many Americans are concerned about making their mortgage payments, these types of unwanted text messages, from unknown senders, can be upsetting," Steven E. Zipperstein, vice president and general counsel at Verizon Wireless, said in a statement. "Our company will continue to work diligently to stop these people who break the law and harass our customers."
Late last month, Verizon reached a $50,000 settlement with St. Louis-based National Auto Warranty Services and Florida-based Explicit Media for making illegal telemarketing calls promoting car warranties.
SOURCE : http://www.pcmag.com/article2/0,2817,2346542,00.asp
Verizon filed suit against Pennsylvania-based Money Warehouse, Inc., known as All State Mortgage Lender, and other unnamed companies for allegedly sending 800,000 spam text messages to Verizon Wireless customers and employees beginning in February 2009.
Verizon filed suit in U.S. District Court in Trenton, N.J., accusing the companies of violating the Federal Telephone Consumer Protection Act, which bans the use of an auto-dialer to contact wireless customers.
"At a time when many Americans are concerned about making their mortgage payments, these types of unwanted text messages, from unknown senders, can be upsetting," Steven E. Zipperstein, vice president and general counsel at Verizon Wireless, said in a statement. "Our company will continue to work diligently to stop these people who break the law and harass our customers."
Late last month, Verizon reached a $50,000 settlement with St. Louis-based National Auto Warranty Services and Florida-based Explicit Media for making illegal telemarketing calls promoting car warranties.
SOURCE : http://www.pcmag.com/article2/0,2817,2346542,00.asp
Labels: 419 scam, 419 Scam fraud, email scam, lottery scam, Nigerian Scam, Nigerian Spam, scam, spam, spam news
Posted on Thursday, May 7, 2009
Botnet criminals have taken control of almost 12 million new IP addresses since January, according to a quarterly report from anti-virus firm, McAfee. The United States has the largest number of botnet-controlled machines, with 18 percent of them based here.
The number of zombie machines represents a 50-percent rise over last year.
Researchers attribute the explosion to botnet controllers trying to recoup spamming abilities after authorities took down a hosting facility last year that catered to international firms and syndicates involved in spamming and botnet control.
Researchers estimated that spam levels dropped about 60 percent after the hosting facility was closed. Last year at this time, an average of 153 billion spam messages were sent per day, while numbers in March this year show that the rate was on average about 100 billion messages per day. But researchers say the spam numbers will return to normal as criminals re-build their networks of captured computers.
"The question is not whether spam will return to previous levels, but rather
when it will return," the report says. "There is data regarding new zombie and botnet creation that suggest the time may not be too far in the future."
In terms of the numbers of zombie machines by country, China came in second after the United States, with about 13 percent. After this, the numbers dropped precipitously to 6 percent in Australia, 5.3 percent in Germany and 4.7 percent in the United Kingdom. Russia, where many cyber criminal syndicates are based, accounted for only 2.5 percent of the compromised computers.
But botnets aren't only used for spam. A separate report was issued this week by researchers at the University of California at Santa Barbara who spent 10 days in control of the so-called Torpig botnet and observed 70 gigabytes of data being stolen from computers remotely-controlled by the botnet, including financial data. The harvested data included 1.2 million Windows passwords and 1.2 million e-mail items, such as e-mail addresses and log-in credentials.
"In ten days, Torpig obtained the credentials of 8,310 accounts at 410 different [financial] institutions," the researchers write. "The top targeted institutions were PayPal (1,770 accounts), Poste Italiane (765), Capital One (314), E*Trade (304), and Chase (217)."
Torpig's malware attacks e-mail clients and other applications to record every keystroke entered by a victim, including passwords before they're encrypted. The purloined data is uploaded every 20 minutes in bundles sent to the botnet’s controllers.
The botnet is controlled by the Mebroot rootkit, which "takes control of a machine by replacing the system’s Master Boot Record (MBR)," the researchers write. "This allows Mebroot to be executed at boot time, before the operating system is loaded, and to remain undetected by most anti-virus tools."
SOURCE : http://www.wired.com/threatlevel/2009/05/botnets-took-control-of-12-million-new-ips-this-year/
The number of zombie machines represents a 50-percent rise over last year.
Researchers attribute the explosion to botnet controllers trying to recoup spamming abilities after authorities took down a hosting facility last year that catered to international firms and syndicates involved in spamming and botnet control.
Researchers estimated that spam levels dropped about 60 percent after the hosting facility was closed. Last year at this time, an average of 153 billion spam messages were sent per day, while numbers in March this year show that the rate was on average about 100 billion messages per day. But researchers say the spam numbers will return to normal as criminals re-build their networks of captured computers.
"The question is not whether spam will return to previous levels, but rather
when it will return," the report says. "There is data regarding new zombie and botnet creation that suggest the time may not be too far in the future."
In terms of the numbers of zombie machines by country, China came in second after the United States, with about 13 percent. After this, the numbers dropped precipitously to 6 percent in Australia, 5.3 percent in Germany and 4.7 percent in the United Kingdom. Russia, where many cyber criminal syndicates are based, accounted for only 2.5 percent of the compromised computers.
But botnets aren't only used for spam. A separate report was issued this week by researchers at the University of California at Santa Barbara who spent 10 days in control of the so-called Torpig botnet and observed 70 gigabytes of data being stolen from computers remotely-controlled by the botnet, including financial data. The harvested data included 1.2 million Windows passwords and 1.2 million e-mail items, such as e-mail addresses and log-in credentials.
"In ten days, Torpig obtained the credentials of 8,310 accounts at 410 different [financial] institutions," the researchers write. "The top targeted institutions were PayPal (1,770 accounts), Poste Italiane (765), Capital One (314), E*Trade (304), and Chase (217)."
Torpig's malware attacks e-mail clients and other applications to record every keystroke entered by a victim, including passwords before they're encrypted. The purloined data is uploaded every 20 minutes in bundles sent to the botnet’s controllers.
The botnet is controlled by the Mebroot rootkit, which "takes control of a machine by replacing the system’s Master Boot Record (MBR)," the researchers write. "This allows Mebroot to be executed at boot time, before the operating system is loaded, and to remain undetected by most anti-virus tools."
SOURCE : http://www.wired.com/threatlevel/2009/05/botnets-took-control-of-12-million-new-ips-this-year/
Labels: 419 scam, 419 Scam fraud, Nigerian Scam, Nigerian Spam, Nigerianspam
Posted on Tuesday, May 5, 2009
Nigerian arrested for lottery fraud
The Nigerian spotted to be Festos alias Murphy Vazigo Agbaifa (aged 38) of Nasik who was already been arrested by the police of Mumbai and lodged in the Nasik central prison was again arrested on May 12th and brought to Chennai on Wednesday.
According to Crime Branch Dept sources, K. Ramamoorthy of Kalpakkam in the Kancheepuram district had given a complaint about the agency, which he had received spam e-mails on December 2007, alleged to have been sent from the "Yahoo Lottery Award" congratulating him for winning the online lottery worth of Rs. 4 crore. The charged persons have sent emails asking Ramamoorthy to pay a sum of Rs.14.68 lakh regarding service and transferring claims into different bank accounts.
After transferring the amount, Festos neither sent the lottery awarded money and neither refunded his money.
In the Investigation it was discovered that the bank accounts were opened in the name of different persons in New Delhi, Mumbai, Hyderabad, and Chennai. The Cyber Crime Cell Investigators on 4th march arrested one of the 14 accused R. Stephen (alias) Vijay Stephen in Chennai.
Mukesh Anand Chudasama another accused of Thana, Mumbai, was kept custody on May 7 regarding his scam. The other account-holders addresses were been verified in Mumbai and found to be fake. On further investigation it was revealed that Festos masterminded this crime and wielded along with his friends in Mumbai and other places and cheated innocent people.
Based on the information that he was already been arrested by the Mumbai police in associated with another online fraud crime, police arrested Festos in the Nasik prison.
Labels: 419 scam, 419 Scam fraud, ATM Scam, email scam, email spam, lottery scam, Nigerian Scam, Nigerian Spam, scam, spam, spam news
Posted on Thursday, May 21, 2009