Saturday, July 22, 2006

Aids Cure, Another Lure in the Internet Fraud Saga

Research has come a long way since Aids was discovered in the early 80's, but no cure has been found yet.

SophosLabs is reporting that a new advance fee (spam) e-mail is circulating claiming to have found a cure for aids. Here is what they have to say:

"However, Sophos warns computer users that this is a ruse to steal personal details, and that the fraudsters behind the scam campaign can use such information to steal money from bank accounts and commit identity fraud."

"People who receive this email may believe they are helping the world fight AIDS, as well as potentially make themselves some money from the proceeds of any distribution of a successful cure. However, the scammers are just using another method to try to dupe computer users into divulging sensitive information," said Carole Theriault, senior security consultant for Sophos. "It's particularly sick of the hackers to exploit human illness in their search for innocent computer users to fleece."

"This email con-trick is the latest of many 419 scams. These scams are named after the relevant section of the Nigerian penal code where many of the scams originated and are unsolicited emails where the author offers a large amount of money. Once a victim has been drawn in, requests are made from the fraudster for private information which may lead to requests for money, stolen identities, and financial theft."

There is a copy of the letter on the alert from Sophos.

Unfortunately, the alert - which contains the e-mail in question - is cut-off before it is clear exactly what the scam entails. It also makes references to stealing personal information (identity theft) - which can be done via "social engineering," or by visiting a "rogue website" and picking up some malware on your system.

I decided to "dig a little deeper" and used one of my favorite tools, "Google."

Sure enough, I was able to find more information on this - including "WHOIS" data regarding the origin of the e-mails. Interestingly enough, this version of the scam has been around for since February, 2005. The e-mail in the Sophos alert was dated this month (July).

This version was reported by Joe Wein, who runs a Japanese software company that sells spam and on-line fraud protection.

In this version, the e-mail using a UK e-mail address from a IP address in Nigeria. The letter claims to be from an Indian doctor.

It appears Joe corresponded with the scammer and the lure to obtain personal information appears to be of a "social engineering" (human con) type. The e-mail asks for patients medical information, which in turn will probably be used for "identity theft" purposes.

The additional e-mails also mentions having the "aids drugs" sent to people. Please note that there also is a big problem with the sale of "useless" counterfeit drugs on the Internet. Most of us get spam e-mails about this all the time, at least in our spam filters.

In both of the e-mails, I was unable to find any "direction" to a "rogue site," which might install spyware, malware, or crimeware on a computer.

If you would like to view this version, link here.

Having the proper protection on your computer is extremely important, but being knowledgeable of "social engineering" is critical, also.

The term "buyer beware" (caveat emptor) is a good thing to think about before proceeding with a transaction on the Internet. A little "digging" and verifying facts is prudent, also.

"If it's too good to be true - it might not be."

No comments: