Latest spam scams use Google, Olympics

Scammers are constantly using new techniques, according to SurfControl

By Linda Rosencrance

August 26, 2004 12:00 PM ET

Computerworld - Using new techniques to trick users into opening misleading, fraudulent and potentially harmful messages, spammers have recently targeted Google, the Olympic games and US Bank, according to SurfControl PLC, a vendor of Web and e-mail filtering software.
"There is greater awareness of the risks associated with spam and e-mail, so spammers must continually create new techniques to trick end users," Susan Larson, vice president of global content at Scotts Valley, Calif.-based SurfControl, said in a statement. "Companies should be on the lookout for these new techniques and others as they emerge."
SurfControl said the Google scam, discovered this week, appears in in-boxes with the subject line "Google, #1 Search Engine." The e-mail asks users to download the latest Google tool bar to stop pop-up ads and spyware and then directs them to a link to download the tool bar executable. However, this download is most likely a virus-infected file, according to SurfControl.
At least two aspects of the e-mail indicated it was a hoax, SurfControl said. First, the sender address was from an individual, rather than Google. Second, the IP address for the tool bar download matches that of a suspicious Web site that sells "The Essential Underground Handbook," a guide to get-rich-quick schemes and other forms of fraud, according to SurfControl.
SurfControl's research team also said spammers are increasingly embedding images into their messages rather than using HTML, which allows them to work around spam protections that can block HTML-based graphics offered in Microsoft Outlook. And since the text is all part of the embedded image, this techniques also bypasses the text-scanning abilities of traditional antispam filters, the company said.
SurfControl said this technique was found in three spam messages this week, including one that appeared to spoof US Bank as part of a phishing scam.
SurfControl also discovered a scam using excitement around the 2004 Olympic Games to help the scammer circumvent new federal antispam law. With subject lines including "Olympic Games," "Olympic Medals," "ATHENS 2004" and "ATHENS RANKS," the message appeared to provide the latest Olympic medal tallies.
However, directly beneath the tallies was the name of a company "sponsoring" the information -- with a link to an advertisement for Viagra.

Recommend Digg Twitter ShareThis

Email Print Send Feedback Reprints

Additional Resources

POLL RESULTS

Leading IT Pros Weigh In on Top IT Issues

Accelerate your knowledge of the IT world you inhabit by viewing the results of a series of polls taken by your IT peers. These polls of 100+ IT professionals each are available for full viewing. They cover key topics such as virtualization, processor performance, green IT, cloud computing and many others. Be a part of the buzz.

WHITE PAPER

For Best Results, Think Beyond the Box

Technology is complex. Keeping it running productively shouldn't be. To that end, you want to minimize the number of solutions needed in-house to simplify operations, maintenance, and support. Kodak offers a best-practices model. One company provides support for both scanner and software, for fast problem resolution without vendor finger-pointing. Download now!

WHITE PAPER

Accelerating the Path to Demand Intelligence with a Demand Signal Repository

Utilizing demand intelligence improves the precision of pricing, product assortments, channel/store placement, and promotion, which are all essential for sustainable revenue management performance. Learn more, download this free whitepaper today.

White Papers & Webcasts

How Controlling Access to Privileged Accounts Can Keep Insider Threat from Hurting Your Bottom Line
This white paper explores insider attacks and insider risk, and shows how to control them by controlling and monitoring access. The paper describes...

Usability Is Everything
Learn what sets Workday's HR and Payroll solutions apart from the competition....

Military Uses Bit9 Parity to Defend Against New Generation Attacks
When a military organization faced an exercise, in which there was an attempt to breach and infect the network, they decided to use...

The Value of Real SaaS at Workday
Cost savings, speed to value, and innovation brought to the enterprise by Workday's software-as-a-service solutions for HR and Payroll....

Eliminate Spam, Gain Productivity
In this exclusive whitepaper, learn all about the dangers of spam and the cost to your business....

SaaS at Flextronics, Inc.
Dave Smoley, CIO of Flextronics, discusses the real value of software-as-a-service and why he chose Workday for his HR solution....

Accelerate SSL Encrypted Applications
The amount of SSL traffic is growing in the enterprise. Because it is encrypted, it cannot be properly controlled and accelerated. Blue Coat...

Why Compliance Pays
This OnDemand webcast explores the relationship that firms with best compliance records have higher revenue, greater customer retention, lower financial losses from data...

ESG Lab Field Audit
Many companies have successfully implemented Riverbed WAN optimization solutions within their Cisco networks. This ESG Lab Field Audit document explores the success that...

Agile Enterprise Content Management (ECM) for Rapid ROI
Find out how combining ECM and BPM will help adress issues about content rich business processes....

All White Papers | All Webcasts