Symantec releases March Spam and Scam Trends

Even though scams don't all originate on the Internet, a great majority of them do. If you ever want to figure out what scams are making their rounds, taking a look at spam analysis is a pretty good way of doing it.

Spam is the vehicle that most cyber misfits seem to prefer when trying to pull a fast one on the unwary. Fortunately, most of them are far from geniuses and all it takes is a little awareness to foil their attempts at trickery.

Of course, providing a little body armor for your system is highly recommended, also. Especially, if you are a Windows user.

Please note that when providing body armor for your system to make sure you are buying it from a reliable vendor. I see spam come-ons for so-called computer security software that might turn your system into a spam spewing zombie, steal all the information from it, or a combination of both.

Last week, Symantec released their March report. This report is a good resource to use to see what is going on in the wild world of spam, scams and malicious software.

Kelly Conley writes:

Social engineering was the driving force behind spammers during the month of February. While overall spam volume hovered steadily at 78.5% of email and tactics remained relatively the same, the use of events, big brands, and public figures drove spam campaigns during the month. The March State of Spam report highlights several of these.

Kelly brings up another point -- which is that despite the fact that scams frequently use technology as a tool -- they also rely on a healthy a dose of social engineering (trickery) to accomplish their intentional misdeed.

Predictably, the presidential candidates are a big lure:

Last month, spammers began to spread bogus links purporting to show a Hillary Clinton speech, but in actuality the links were cloaking a malicious Trojan. Most recently we’ve seen spammers leveraging the last remaining front-runners of the 2008 presidential elections; Obama, McCain, and Huckabee. Just what are spammers linking the candidates with? Everything from Viagra, porn, get-rich-quick schemes, and portable dewrinkle machines.

If you think about it, this shouldn't surprise very many of us. After all, the candidates are filling up our mailboxes with a lot of political spin and requests for financial support, also.

It's probably a good idea to be careful when clicking on a link in any unsolicited messages. Especially, when over 75 percent of all e-mail sent is spam.

Of course, politicians aren't the only human lures spammers use. Celebrities are pretty good "spam fodder," also.

The presidential candidates aren’t the only targets. Also seen were high profile names such as Michael Jackson, Heather Mills, and Indiana Jones to name a few. Spammers are using these names to spread malicious links to videos and the names being circulated are all currently high profile. Who hasn’t heard of the McCartney/Mills divorce or Britney Spears’ woes? The spammer is banking that you want to know more about these celebrities and are therefore leveraging their names to tempt you into opening the malicious link. These are fairly easy to spot because in most cases the names are misspelled. I wonder what Paul McCartney would think of his name more closely resembling a martini (Maccartni)?

It never ceases to amaze me that spammers can't spell. A common demoninator in most scam letters is that a lot of words are misspelled. Especially, the variety that orginate out of Internet cafes in third world countries.

Other notable trends in the lures being used are International Women's Day and (too good to be true) offers of free tickets from Southwest Airlines.

The monthly reports normally includes an amusing, or not so amusing (reader's choice) "hall of shame" category. This month the mortgage crisis is being used, with a sick twist:

As economic conditions have slowed in recent months, Symantec has observed a torrent of spam messages encouraging users to “refinance before its too late,” ”take out a mortgage for the lowest APR ever,” or “this is the time to be the proud owner of your house.” While the deluge of finance spam continues, spammers have also decided to diversify their sales portfolio to include the buying and selling of burial plots. Talk about an idea to get out from being buried, no pun intended. As the message indicates, the U.S. national average price for a burial plot in 1978 was $200 and this has risen to $4500 in 2008. “Get started today” – adverts say – “because tomorrow could be too late”.

In case you missed the link to the full report (above), it can be seen (with some interesting screenshots), here.

Scammers trick grocery chain into sending them $10 million

(Photo courtesy of rcbatey at Flickr)

Normally, when e-mail scams are brought up, we think of unfortunate individuals falling for something that's too good to be true. A surprising discovery, found in federal court filings, proves that this isn't always the case.

Yesterday, Rebecca Boone of the Associated Press (courtesy of the StarTribune.com) reported:

Supervalu Inc., the Eden Prairie-based grocer, fell prey to an e-mail scam this year, sending more than $10 million to two fraudulent bank accounts, according to federal court filings.

Apparently, Internet e-mail scam artists accomplished this by sending spoofed e-mails impersonating Frito-Lay and American Greetings:

The company said it received two e-mails -- one from someone purporting to be an employee of American Greetings Corp. and another from someone claiming to be with Frito-Lay, according to the documents. Both e-mails claimed that the companies wanted payments sent to new bank account numbers.

At first, it appears that no one at SuperValu questioned the account changes and approximately $10 million was wired into them.

According to the article, the scam was discovered quickly and the FBI intervened. SuperValu will not comment on how much money they actually lost.

Either this is a fluke, or it shows a growing trend, where businesses are being specifically targeted in e-mail scams.

This isn't the only type of e-mail scam that has been targeting businesses and organizations.

Stories about what is known as spear phishing have been circulating recently. Spear phishing differs from regular phishing because indivduals are targeted by name, and as reported in some of these stories, sometimes by both name and title.

Previous posts, I've written about spear phishing can be seen, here.

Please note that stealing money isn't the only goal in spear phishing. Sometimes the goal is to steal information (which is worth money), also.

Phishing has become more sophisticated in recent history. Besides using social-engineering (trickery) to obtain information -- malware (sometimes known as crimeware) is downloaded into a system by opening a e-mail attachment -- which steals the information automatically and on an ongoing basis.

Another growing trend is the sale of DIY (do-it-yourself) phishing kits in underground (normally Internet) forums. These kits are enabling less technically inclined criminals to get into the game.

This goes to show that educating employees (especially those with access to financial assets, or valuable information) how to avoid being scammed might be something worth taking a look at.

On a final note, we need to remember that the same type of scam could be accomplished via snail mail with convincing letterhead, or even via a fax. The best way to avoid scams is to be able to recognize the behavior behind them.

AP Story, here.