Saturday, January 19, 2008

January Symantec Report reveals questionable blogs, polls and Nigerian Scam restitution schemes

If you ever want to know what criminals and other misfits are up to on the Internet, watching spam traffic can reveal a few clues.

After all, spam is the vehicle most cybercriminals use to pass along whatever scheme they are behind designed to part people with their hard-earned money.

Symantec noted in December that close to 75 percent of all e-mail being sent is spam.

A little over a week ago, they issued their January report, which showed spam levels peaking towards the end of December to 83 percent.

Highlights noted in the January report are:

Holiday Spam Spikes: Spam levels reached new levels as spammers inserted holiday-oriented keywords into everything from subject lines to images.

Spammers Get Honest? Not So Fast: Spammers tried a new twist on an old scam, falsely promising past spam victims restitution of $100,000.

As Oil Prices Hike, Spammers Strike: This new spam claims to identify gas stations that fraudulently tamper with pump prices.

Not-So-Happy New Year: Recipients were invited to download a fun New Year’s song and dance, but instead found themselves downloading something far more malicious.

Presidential Polling Scam: Promising gift cards in exchange for opinions, spammers leverage the US presidential primaries to collect personal information.

Beware of Blogs: The use of blogs within spams appears to be on the rise, particularly in China where simplified character sets are common.
I found the 419 restitution activity interesting. In case you've never heard the term "419," it is the penal code in Nigeria for the infamous Advance Fee scam.

Here is what the report said:

419 spammers who have traditionally used stories about African dictators to defraud individuals have recently changed their approach to these types of emails. Certain 419 scams observed by Symantec this month claim to offer compensation to victims of 419 scams. The scam states that payments will be supervised by UN officials and about 150 scam victims will be paid compensation of $100,000 each. It provides some URL links as a reference to money that was successfully recovered by 419 scam victims. At the bottom of the email, it explains how the money may be recovered and the fraudulent background of such emails may be observed.

Interestingly enough, the Economic and Financial Crimes Commission (EFCC)of Nigeria has made real victims whole with funds seized from 419 scammers. You can see some real examples of this on their site.

The most recent time, I've mentioned the EFCC on this blog is when they were part of an International task force that intercepted large quantities of counterfeit checks at post offices in several countries. These counterfeit checks are normally used in advance fee scams, where people are tricked into cashing them and wiring the proceeds back to the criminal(s) sending them.

This led to a major press campaign and new website dedicated to educating the public about these checks called FakeChecks.org. The United States Postal Inspection Service, who worked with the EFCC on the task force, is one of the major sponsors of this site.

Most advance fee scams can be traced to a spam e-mail.

So far as the other trends noted, spammers and scammers are very adept of using what is popular or newsworthy to spread their deceit on the Internet.

It's probably not a surprise that they are taking advantage of the rise in oil prices, or political polls to lure people into their web.

If you would like to read more about this, the January report from Symantec can be read in full, here.

No comments: