Latest spam scams use Google, Olympics

Scammers are constantly using new techniques, according to SurfControl

By Linda Rosencrance

August 26, 2004 12:00 PM ET

Recommended

Computerworld - Using new techniques to trick users into opening misleading, fraudulent and potentially harmful messages, spammers have recently targeted Google, the Olympic games and US Bank, according to SurfControl PLC, a vendor of Web and e-mail filtering software.
"There is greater awareness of the risks associated with spam and e-mail, so spammers must continually create new techniques to trick end users," Susan Larson, vice president of global content at Scotts Valley, Calif.-based SurfControl, said in a statement. "Companies should be on the lookout for these new techniques and others as they emerge."
SurfControl said the Google scam, discovered this week, appears in in-boxes with the subject line "Google, #1 Search Engine." The e-mail asks users to download the latest Google tool bar to stop pop-up ads and spyware and then directs them to a link to download the tool bar executable. However, this download is most likely a virus-infected file, according to SurfControl.
At least two aspects of the e-mail indicated it was a hoax, SurfControl said. First, the sender address was from an individual, rather than Google. Second, the IP address for the tool bar download matches that of a suspicious Web site that sells "The Essential Underground Handbook," a guide to get-rich-quick schemes and other forms of fraud, according to SurfControl.
SurfControl's research team also said spammers are increasingly embedding images into their messages rather than using HTML, which allows them to work around spam protections that can block HTML-based graphics offered in Microsoft Outlook. And since the text is all part of the embedded image, this techniques also bypasses the text-scanning abilities of traditional antispam filters, the company said.
SurfControl said this technique was found in three spam messages this week, including one that appeared to spoof US Bank as part of a phishing scam.
SurfControl also discovered a scam using excitement around the 2004 Olympic Games to help the scammer circumvent new federal antispam law. With subject lines including "Olympic Games," "Olympic Medals," "ATHENS 2004" and "ATHENS RANKS," the message appeared to provide the latest Olympic medal tallies.
However, directly beneath the tallies was the name of a company "sponsoring" the information -- with a link to an advertisement for Viagra.

Recommend Digg Twitter ShareThis

Email Print Send Feedback Reprints

Jump to comments

Cybercrime/Hacking

Additional Resources

WHITE PAPER

Do You Know the 7 Steps to Successful Data Migration?

Approximately 60 percent of data migration projects overrun time or budget, while some fail completely. Download this white paper, "Enhancing Your Chance for Successful Data Migration," to learn the critical steps you need to take to execute a data migration project with minimum cost and risk to your business.

WHITE PAPER

Total Cost of Ownership of Server Computing Vs. PCs

Read the Gartner research note to learn why the TCO of a server-based computing deployment used to deliver all applications to users is around 50% lower than that of an unmanaged desktop deployment.

WHITE PAPER

IDC White Paper: Linux in a Global Recession

Economic downturns have a tendency to accelerate emerging technologies, boost the adoption of effective solutions, and punish solutions that are not cost competitive or that are out of synch with industry trends. This IDC White Paper presents the results of an IDC survey of 330 companies in Western Europe, Asia/Pacific and the Americas that measures the receptiveness to Linux and takes into consideration changing views driven by the disruptive economic environment that businesses face today.