Sunday, 8 June 2008

SPAMfighter News - 4 new articles

 

Your email updates, powered by FeedBlitz

 
Here are the latest updates for raplist.antispamsite@blogger.com

"SPAMfighter News" - 4 new articles

  1. Political Campaigning in San Diego Using Spam Technique
  2. Phishing Scam Targeted Users of ANZ
  3. Phishers Hiding Their URLs in Sub-Domains of Registered Domains
  4. McAfee Warns of 'Postcode Lottery' E-Mail Scam
  5. Search SPAMfighter News

Political Campaigning in San Diego Using Spam Technique

Unsolicited spam mails were being distributed in San Diego for weeks as a part of political campaign in the city. These e-mails represented the mayoral candidates of San Diego, candidates aspiring to be in the City Council, and others wanting to be city attorneys, as reported by VoiceOfSanDiego on May 27, 2008.

People receiving the spam reacted differently to the rather new electioneering technique because of little knowledge they have about the impact of spam. However, some recipients said that the inflow of the campaign spam took away their interest from the candidates who pushed the unwanted missives.

As campaigns for political purposes become more competitive and expensive, the Internet serves as a new promotional mean. Thus, candidates use e-mail as another means to influence the voters. By distributing uninvited mass e-mails, they try to engage the electorate with just a click of the button. In the San Diego campaign, the message to inform the voters was being first decided and then sent in bulk to a specific section of the city's population.

Meanwhile, it has been known that Political Data Inc., an organization that collects and furnishes information on California voters, purchases lists of people's e-mail IDs from companies that collect data privately. Those organizations, in turn, obtain the e-mail IDs like other data on people from commercial Websites and online registration forms.

Nevertheless, recipients of the current campaign spam appeared frustrated due to the deceptive and annoying nature used in the e-mail marketing. According to the recipients, the messages hampered productivity while some demanded to know the source from where the candidates obtained their e-mail IDs.

The San Diego e-mail users also expressed dissatisfaction at the manner of collecting their e-mail Ids, storing them as a database and finally using them for spamming. They argued that this way any person could put them in an undesirable situation by using their IDs to send malicious messages.

One of the recipients of the spam mail, Herbert Wohl, said that the message was misleading as it gave an impression that he of his own volunteered to take it in, as reported by VoiceOfSanDiego on May 27, 2008.



Phishing Scam Targeted Users of ANZ

The customers of ANZ (Australia and New Zealand Banking Group Limited) are alerted of a phishing scam that imitates the original site of the bank to acquire customers account details, as reported by smh on May 27, 2008.

The scam e-mail warns the users that their Internet banking account has been made unavailable. And it asks for private details to rectify and confirming it. Also, the scam e-mail has a link that takes to fake bank Web page of ANZ, which asks users of their registration number, phone number, name, address and email address.

The phishing e-mail appears like the authentic message from the ANZ and directs the users to click on the given link which read as: "kindly click on the attached bank link below to retain account stability with any of this banks and to verify users account security."

The mail also says that they cannot disclose the procedures of their investigation that forced them to make this sentence, but they also assures that it is conducted for the safety of user's account. In a telling flaw, the fraudulent ANZ page asks the customers for their address and "zip code", an American term for postcode, which is authentic enough to lead customers to original ANZ page.

The officials at ANZ said that the bank knew about the scam and had also got complaints. The e-mail could serve as an example of "hackers" phishing for data that could use to access accounts and steal confidential details.

The officials also advised that the users should not provide any information or click on the given data. They said that the users should always visit their site by typing http://www.anz.com in the address bar instead of following links.

As per McAfee Avert Labs, cyber crooks are stealing login data from online Australian bankers and selling them on European black markets for around $913 (Five hundred and fifty pound). Confidential and private information from ANZ, Bank West, Commonwealth Bank account holders are compromised for this sum of money.



Phishers Hiding Their URLs in Sub-Domains of Registered Domains

According to researchers at APWG (Anti-Phishing Working Group) on May 26, 2008, malicious users were manipulating the Internet's domain name to deceive end users into falling for phishing scams, and to confound the job of shutting down phishing Websites.

The security experts at APWG also said that in 2007, no less than one in every bunch of five domain names involved in phishing assaults was essentially registered for criminal purposes.

Out of 51,989 distinct domain names as well as 11,553 IP addresses taken from a 2007 database of phishing URLs, the APWG researchers found that at least 10,773 viciously registered domains hosting fake sites were designed to cheat consumers and to get them to reveal personal information. Further, 10,515 maliciously registered domains hid their phishers on sub-domains while a small number of those domains contained names of brand organizations.

Greg Aaron, Director of Domain Security at Afilias, and is also visiting research fellow at the APWG, said that if the community using the Internet understands the activities of phishers and their purposes, it could become much easier to devise enhanced anti-phishing measures. Following that, the Internet could become much safer for its users, at the same time difficult for the miscreants, as reported by PrWeb on May 27, 2008.

Meanwhile, through its phishing index, the APWG revealed how phishers systematically exploited the domain systems of several countries during 2007. However, when a few domain registries took action to respond to the phishing spree, it considerably impacted the problem, and thereby restored the name and position of the space for domain name registrations under those registries.

Rod Rasmussen, President of Internet Identity and APWG industry liaison, said that domain name registration by phishers are creating a big element of the existing problem. Registrars and registries of domain name were an excellent source to restrict that activity while they contributed to the overall safety of the Internet.

The investigators at the group also found as many as 11,443 phishing sites being hosted on 448 domains that provide hosting and DNS redirection facilities of certain inferior form, e.g. customer_term.service_provider_sld.TLD.



McAfee Warns of 'Postcode Lottery' E-Mail Scam

McAfee on May 27, 2008 said that several e-mail spammers didn't care to find out even the basics of a British colloquialism, and attempted to dupe users into believing they had won a "Postcode Lottery."

Chris Barton, Security Researcher at McAfee, said that Postcode Lotteries in the United Kingdom generally meant bad news. But the remote fraudsters were seeing it quite differently. As per the bottom-feeders, the Postcode Lottery is a competitive games where one can win, as reported by WebUser on May 27, 2008.

According to the researchers at McAfee, the scam e-mail claims to offer a payment of £800,000 to the recipient of message. However, researchers suggested recipients of such e-mails to delete the message and not click on any link in it.

The researchers are also saying that the e-mail looks similar to the '419' or Nigerian scam, which is currently very common to inboxes. Messages of Nigerian scam can also come via letter or fax. These typical requests ask the recipient's assistance for him to claim a huge amount of money, most of the time in several million dollars.

Describing the vicious e-mail, McAfee says that it talks about drawing the attention of the recipient to the winning notice from National Postcode Lottery game conducted on May 8, 2008 through Internet Ballot System among 10,000 Microsoft users.

After that, the e-mail says that a lottery number 24.2.6.37.15.45 along with the winning number 100364, referred to as number XX/0999/171ESP and BATCH: 1211504/MIU is attached in an attempt to make the message appear legitimate.

The e-mail further urges that the recipients regard the notification seriously and contact the relevant department to claim the money by providing the mentioned details and processes of the claim. It even provides a contact number along with the e-mail address of someone named Mr. Jose Bolton although the message comes under the name of one Mrs. Stefian Smith as its sender.

The e-mail has other mistakes too such as poor spelling, a footer note from an Irish ISP, in addition to the two separate signatures and the complete misinterpretation of the word 'Postcode Lottery.




Click here to safely unsubscribe now from "SPAMfighter News" or change subscription settings

 
Unsubscribe from all current and future newsletters powered by FeedBlitz
Your requested content delivery powered by FeedBlitz, LLC, 9 Thoreau Way, Sudbury, MA 01776, USA. +1.978.776.9498

 
Posted by Admin at 02:30

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)