Spam's Being Used For Identity Theft And Blackmail

[havnblast]

Ran Across the article on Yahoo! Crooks are sending spam using the Symantec Corp. name to sell counterfeit software, engage in identity theft, steal credit card numbers, and even blackmail victims through the use of pornography, Symantec officials said. The way the pornography blackmail scam -- perhaps the most explosive of the charges Symantec has made -- works is this: the victim receives a spam advertising Symantec software, and the victim is directed to a URL to buy the software. When the victim accesses the Web site, pornography is downloaded to the victim's computer surreptitiously in the background. Later, the victim receives an e-mail message from Eastern Europe, threatening to tell the victim's boss that the victim has pornography on his computer unless the victim sends $50 to the blackmailer. But one Internet student of con jobs and scams was skeptical. Cory Doctorow, co-author of the Boing Boing weblog, which chronicles -- among many other things -- Internet con jobs and urban legends, said the whole thing sounded like an awful lot of trouble to go to for a mere $50. "It doesn't pass my sniff test. It seems implausible to me. There are better ways of accomplishing a scam," he said. The con would require someone sophisticated enough to write software to perform the background downloads. That person could be traceable through ownership of a Web site. It would only work on a small percentage of the population dumb enough to fall for the trick. And all of that for a paltry $50?" he said. "Show me someone this actually happened to and I'll reconsider." Symantec would not provide specifics on the names of people who have received the blackmail spam, or on perpetrators. Symantec said other spam-launched scams using the Symantec name are more conventional, including selling counterfeit software, some of which is altered by adding spyware, and enticing victims to send credit-card numbers which are then stolen, said William Plante, director of worldwide security and brand protection for Symantec. "The Symantec or Norton products that you have seen advertised by spam are not our product, it's counterfeit, and we can't verify the authenticity of the software," Plante said. Symantec launched a program to combat pirated versions of its software about six months ago, and is cooperating with law enforcement authorities to investigate incidents. Counterfeiters make unauthorized copies of Symantec software and often alter the product to introduce viruses, trojan horses and spyware to capture credit card information, Plante said. "In one instance, we found our product had been written into an Eastern European language for which we don't even provide software. We thought that was pretty enterprising," he said. About 30 percent of the spam advertising Symantec software is simply a credit-card scam, Plante said. Victims send their credit card numbers by e-mail or enter them into a Web site, never receive any software, and instead get their credit cards stolen. Plante said he only started hearing about the porn blackmail about two weeks ago. He said it's been reported through several sources. "The problem with this particular one is that we don't know how big the problem is because nobody's going to 'fess up," Plante said. Symantec plans to follow Microsoft's lead and include product activation in its software to prevent against it being copied and pirated. The product activation is being tried now for the downloadable version of the software, and will be generally used next year. Anti-spam and security experts said that most of Symantec's experience has been in line with problems that other merchants have been having with spam. Spammers will frequently forge other people's e-mail addresses to appear legitimate or avoid detection, said Jason Catlett, president of Junkbusters Corp., an anti-spam, anti-telemarketing and anti-junk mail organization. Spammers will frequently claim to represent America Online or eBay in an effort to steal accounts. And the spammers claiming to sell well-known products create problems for the manufacturers of those products: for instance, Pfizer, which manufactures Viagra. "Pharmaceutical companies are very concerned about spam advertising their trademarked products, because they are facing regulatory issues with online pharmaceutical sales. They want to do so in an ethical and legal manner, and it's difficult for them to prove that the spam is being sent without their knowledge," said John Mozena, co-founder and vice president of the Coalition Against Unsolicited Commercial E-mail (CAUCE), an anti-spam lobby group. Affiliates of multi-level and affiliate marketing groups will also spam in the name of the parent company. Aside from Doctorow, other experts said the porn blackmail was not something they were familiar with. The story sounded plausible, but could also be an urban legend, they said. "Automated blackmail is certainly an unusual criminal venture," Catlett said

[Scot]

Hey. Good article, isn't it? It was written by my friend and work colleague Mitch Wagner for InternetWeek. In fact, Mitch and I both got the same briefing from Symantec and compared notes about it afterward before he wrote the piece.One of the things that I'm most interested in is that, as part of this briefing, Symantec announced that it will be adding product activation technology to its next round of products, the 2004 versions. Here's the link to the story at InternetWeek. I actually couldn't find it at Yahoo:http://www.internetweek.com/security02/sho...ticleID=7800052-- Scot

[havnblast]

Yes I heard that Symantec will being doing the product activation process and I am sure that trend will only continue to spread.I use the program "I Hate Spam" with my MS Outlook and have been pretty happy with it, before I was using filters built into MS Outlook, but that program does it without having to do all the filters.I do notice that every once in awhile it will cause MS Outlook to hang on startup and have to keep restarting the program to get it to go. I do believe they did come out with a update, which I will have to look into.MailWasher isn't a bad program either, but I hated having to start that first before my email program.I need to find a program that works in RedHat 8.0, when I am in RedHat I have no protection against spam.Oh by the way I read real quick that it sounds like MSN is now putting a limit on how many e-mails you can send in a 24 hour period. That would cut down spam from one account.

[Arena2045]

Hmm… This is an interesting article.Maybe with the addition of product activation, the “continuous free live-update subscription upon install/reinstall†loop-hole will be fixed.About SPAM filters… How many users of MSN or Hotmail email addresses, have recently been bombarded by an overabundance of more and more SPAM every day?I have MSN as a backup (dialup) ISP in case my satellite connection is down; and I must say now I get about 30 to 40 pieces of SPAM a day that pass right through their ‘advanced Junk Mail filter.’ Before MSN 8 was launched, I got maybe 1 or 2 SPAM emails that slipped by the Junk Mail filter.I think MSN/Hotmail needs to rethink their strategy to fight SPAM going through their servers.

[havnblast]

I got my hotmail account setting to highest possible so I don't get hardly any e-mail in that account. I basically use it for a junk mail address anyway. I never really had much use for hotmail or msn messenger. Now my yahoo email account is a different story, tons of junk mail there, but I don't think I made any adjustments to the handeling of mail. Most of it makes it into the default spam junk folder and I can just empty that folder with a single click, thank goodness.Got to love spam

[havnblast]

Arena2045 are you a night owl too? Most of my work hours are from Midnight to 8am so I usually get lots of time at work to browse forums and respond.Hopefully after the next newsletter goes out we will get many more members and get the community going Still need to think of a signature for this forum yet.

[Scot]

All --

MailWasher isn't a bad program either, but I hated having to start that first before my email program.

This was my feeling too when I reviewed it ...http://www.scotsnewsletter.com/32.htm#mailwashrevuI found it to be pretty good for simple mail usage, but annoying for anything else. I've also since concluded that antispam programs should NOT require you to learn and use a whole new client just to get your mail:http://www.scotsnewsletter.com/34.htm#fightspamI'm wondering if you've tried POPFile? I'm thinking about doing a list of antispam programs and where to find them, since readers have been sending this information for months. The Bayesian-based content filters are superior to the others -- for the moment.

Maybe with the addition of product activation, the “continuous free live-update subscription upon install/reinstall” loop-hole will be fixed.

It might well be. They're also fixing opposite problems, where people's subscriptions get limited when they install newer versions. The subscriptions don't add to each other, but the new one supersedes the old. I can't remember whether this is in Mitch's article, but Symantec says it will allow people to install it's programs two or three times. This doesn't apparently work the way Microsoft's Product Activation works. They can tell how many installations you have based on your LiveUpdates. So, if they notice that the same LiveUpdate serial number (or whatever) is updating from XX locations, they might contact you and tell you your using the software illegally. They actually said two installations to me, but I'd be willing to be it'll be more like three or four, at least.With 18 computers here in SFNL Labs, I'm going to have to think this through. Of course, Symantec may well provide me with code that's immune or whatever. I don't know.

How many users of MSN or Hotmail email addresses, have recently been bombarded by an overabundance of more and more SPAM every day?

I hate Hotmail, MSN, and Yahoo! equally. I only have accounts there so I can tell the newsletter on them. When people tell me they don't get spam on their Yahoo accounts, I'm incredulous. Yahoo has definitely sold its member lists many times. I use my Yahoo and Hotmail/MSN accounts so infrequently that I always find spam at both of them. Perhaps it wouldn't seem so bad to me if I used them everyday. I also hate Web mail though. Ugh.

Still need to think of a signature for this forum yet.

Me too. I also need an avatar. The one I have there is just a placeholder. Thankfully when I come up with something better, it will replace everywhere.And the forum will be in the next newsletter. Near the top too. -- Scot

[jbredmound]

I'm going to make you incredulous . My Yahoo account only gets 1 - 2 spams/week, and some weeks, none.I'm not being funny here...I wrote David Berlund that, with all this talk about spam, I feel really left out. I just don't get much.MY ISP is Midwest Telephone (mwt), and they provide a spam filter ala Postini. I didn't have it turned on, but decided to do that, just to see what the results would be. Well, I have to go get 50% of my newsletters now, on a daily basis, and I think I have only left 2 messages in quaranteen over the past month. This weekend, I am planning on turning Postini off! So I have to ask, why am I being ignored (or spared)? Is it my breath? I do most of my shopping on-line, cruise the net daily, etc, etc.Is it my firewall? Man, I want to get some spam so I can feel like I'm a part of this!

[havnblast]

Luck of the draw maybe? I would consider yourself lucky and be very happy your not getting swamped with junk.Cheers!

[Scot]

Jbredmound,

So I have to ask, why am I being ignored (or spared)? Is it my breath? I do most of my shopping on-line, cruise the net daily, etc, etc.

One way spammers get personal email addresses is when your friends forward like 135 people one of those humorous little email messages, and you happen to be one of those 135 people, because those messages get forwarded, and half the time your email address is shown in the forwarded mail. And as it gets passed down, eventually, some spammer scoops up all the addresses.Another way is that you signed up for an Internet service that wasn't quite as free as you thought, and the company rents its list. Any time you post in a newsgroup, put your email address on a website, make it visible anyway, again -- spam bait. If you've had your email address for three, four, five years, again, most email addresses get "found out" over time.I think, whether you know it or not, you're prudent with your address. And so are the other people you've given your address to. And so is your ISP.You're not alone, by the way. I get mail all the time from people who don't know what the fuss is all about. I don't think you're in the majority. But, I say, enjoy it while you can. It may not last forever. I think spam is going to get a lot worse before it gets better. -- Scot

[kevinh]

great topic and thanks scott for the forum. the majority of my spam has come from yahoo so i have blocked all e-mails with @yahoo.com on them.i only had this problem after i registered at yahoo and am regretting that i did.i have the new AOL 8.0 and their new spam reporting and blocking feature seems to be working pretty good.

[jaco]

most of my spam comes from hotmail. i now use yahoo.com.au > when i dont want to use my home addy.i dont get any spam from them. jacogreat forum scot i am just getting the fingers on how it works.

[jbredmound]

NEWS: I turned off my spam filter today...it was catching everything, including SNL. Scott knows that I have a little posse that I send a simple newsletter about computer info, and I have stressed that, when forwarding, you should always use Bcc. If I get a forward from someone, and I wasn't contacted via Bcc, I will reply, thank them, and tell them the hows and whys of Bcc.Actually, I have hounded people about this It's not a perfect solution, but every little bit helps when it comes to stealth

[Guest LilBambi]

Chainletters, forwarding of emails, as well as the addressing of emails that are sent out to multiple recipients with the To: and CC: instead of bcc: wherever possible has definitely been responsible for spam in our boxes unfortunately. I felt so strongly about it, and I wanted to get the word out, so I wrote an article about it:ChainlettersUPDATE:The link to the original article might be easier to use include in an email.

Edited April 9, 2003 by LilBambi

[Big Jeff]

Nice article LilBambi. Do I have your permission to copy and paste it to some relatives of mine?

[Guest LilBambi]

Nice article LilBambi. Do I have your permission to copy and paste it to some relatives of mine?

Sure Big Jeff.. the article is posted elsewhere on the Internet.I would appreciate credit for writing it, but please be my guest, that's why I wrote the article ... to get the word out

[Big Jeff]

Thanks LilBambi, I wouldn't think of using it without permission or giving proper credit.

[Guest LilBambi]

Thanks Big Jeff

[Arena2045]

Hey Fran!I hope your permission extends to all who will give you credit for writing it???Excellent article. My Uncle needs to read this. There is no way to recoup from the damage he has done to one of my inboxes.And of course, like Big Jeff, I wouldn’t omit the author.

[vegan]

Chainletters, forwarding of emails, as well as the addressing of emails that are sent out to multiple recipients with the To: and CC: instead of bcc: wherever possible has definitely been responsible for spam in our boxes unfortunately. 

Good advice. I am not trying to give you a hard time. I rarely send an e-mail to more than 1 person, except a business message to several co-workers. What confuses me is, if I put all the co-workers in the bcc: field, what do I put in the to: field? If several addresses in a to: field is bad, isn't one address in a to: field also bad? And my address is in the from: field no matter what. I suppose we should advise everyone to send all e-mails to themselves, with the real address in bcc:. That way only the sender can end up a victim.

[Guest LilBambi]

Arena2045 --Absolutely ... anyone who gives credit to the writer is more than welcome to reprint the article. I just want to get the word out!vegan --Actually back when I started trying to figure out this whole bcc thing, I had the same question.The answer turned out to be easier than I initially thought:An email doesn't have to have anyone in the to: line. As long as someone will be receiving it, ie., to:, cc: or bcc: the email will send with no problem.I sometimes send it to myself so folks can reply easier, but it is not at all necessary.Great question.