Blended Attacks on the Rise, Spam Email Still Primary Attack Vector
January 8th, 2009
Spammers continue to refine their methods in an effort to stay ahead of security measures. At the same time, the profit motivations behind spam are expanding. Previously, the main reason for sending out spam was to sell something. Spam is now increasingly part of a “blended” attack, which is a sophisticated coordination of a variety of techniques designed to breach the security of targeted systems, steal data, and take control of the compromised systems by adding them to botnets.
In many cases, the actual malicious code is delivered when a user visits a compromised website that is capable of infecting the user’s computer. Because of this, security vendors are stepping up their marketing efforts to sell web security devices and software. The fact is that the majority of these infections occur when a user follows a link received in a spam message. Security Labs reports that 65 percent of spam contains malicious URLs leading either to compromised websites or to sites that are created by spammers and fraudsters.
Trend Micro recently reported on targeted attacks on CEOs that began with spam emails. These emails appeared to contain links to court documents related to subpoena actions. The links actually led to fake websites, where users were prompted to install browser plug-ins in order to view the files. The “plug-in” was actually a Trojan which secretly connected to other malicious sites and installed yet more malicious software.
Another recent example was the wave of attacks from the Storm botnet, which consisted of spam emails claiming that the U.S. had invaded Iran. This message appeared to link to websites where video footage would show some 20,000 U.S. soldiers launching World War Three. The site showed what appeared to be an embedded video player, but clicking on the player button resulted in the execution of malicious code that installed a Trojan on the user’s computer.
Author: Christopher


