Spammers Using more Personal Tricks to Dupe Users

MessageLabs, the Internet security firm, has gathered enough evidence which proves that in US, the executive level positions are emerging as the targets of direct attack spam or malware emails. Even worse, the use of confusing and infected PDF documents among cyber-crooks is also increasing.

MessageLabs has revealed almost 500 attacks targeted directly to the senior officials of companies. Chief Information Officers (CIOs), who received almost 29.67% of all targeted spam, topped the list. Next came the CEOs with almost 10.99% of targeted system. Usually, the spam includes the full name of the victim, as well as his job title and often attacks the victim's spouse or other family members.

MessageLabs unveiled the reason that the corporate officials are usually attacked because their system contains private data, or access to such data can be obtained after the system is infected with spyware or any such thing.

Matt Sergeant, senior anti-spam technologist at MessageLabs, said that the attacks continued for the first half of July 2007, but then gradually came to a halt. He also reported that there is an alteration in the techniques from the same gang; sometimes, they only attack one company rather than attacking CxOs. He added that presently, it seems that the attack is maintained by a few individuals, reported Ars Technica on August 6, 2007.

One of the ways in which the spammers can obtain personal data on specific individuals is through services viz. Linkedln, Facebook and MySpace, where they can easily get full name, mail addresses, job titles and other confidential data. Further, this data can be used manually or automatically depending on the source and the seriousness of the attack. This information is then modified directly or indirectly for the purpose of spamming.

Sergeant explains that the professional spammers are taking the help of PowerPdf, text2pdf, OpenOffice, and Adobe Acrobat to make the images used in the mails. The application, text2pdf, can prove to be the most harmful as it depends on a free Ghostscript utility which can be used to run in the PDF files' background, turning the user's PC into botnets.

MessageLabs also discovered that agriculture (66.8%) and manufacturing (57.1%) topped the list of companies that the spammers attacked. Moreover, the rank of the finance sector was the minimum in which only 29.3% of mails were spam.

Related article: Spammers Continue their Campaigns Successfully

» SPAMfighter News - 8/20/2007