Spammers Using Twitter and YouTube to Spread Spam

Twitter and YouTube is one of the most popular web 2.0 websites and spammers are using these websites to spread spam messages. Earlier spammers use Plain text, html, instant messaging, images, pdf, even in MP3 to spread messages via Email but users are able to learn and find these are spam messages and don’t open it. Let’s see how spammers using Twitter and YouTube to spread spam messages.

Spammers generally retweet messages on twitter with any message and malicious url.They will usually use a URL shortener, such as bit.ly, both to make it shorter and to obfuscate the destination. Once you click on the link, you are redirected to YouTube.

User is redirected to YouTube website, its a real YouTube website. it won’t ask you to install any codec and user will see real video. Well, as you can see is the spam message recorded in a video and uploaded to YouTube

Spam Video on YouTube

If you go to the advertised website, you’ll see this:

Spam Website

Source : Panda Labs

Ajay Pathak 2 February 2010 Security , , , No Comments

YouTube View Count Having Spamming Issues

YouTube is working to fix some inconsistencies causing some unusual YouTube view counts. Recently YouTube found some spamming issues with YouTube videos. The inflated view count number on these videos will be frozen until actual views catch up to the published, artificial, view count. Also, a few people have commented that their view counts are updating more slowly. Occasionally the speed with which views update changes — sometimes it’s faster and sometimes it’s slower.

Source : Official YouTube Video Blog

Ajay Pathak 16 March 2009 Google , , No Comments

Orkut Account Usage Notification E-Mails Spreading Trojan

Orkut Account Usage Notification E-Mails Spreading Trojan Attackers finds another new way to spread Trojan and other malicious code over the internet. This time they are using Google’s Social networking web site Orkut to spread the Trojan. The email is spoofed, appearing to be from the domain Google for this fake notification which advises the user that their account has been subject to investigation and will be terminated within 72 hours unless they click through the hyperlink and follow the necessary instructions.


Read more…

Ajay Pathak 26 November 2008 Google, Security , , , No Comments

Participate In Online Phishing and Spam IQ Quiz test

Sonicwall- Online Phishing and Spam Quiz Most of us get a lot of Spam and Phishing E-Mails delivered to our E-Mail, but if you are to ask to spot the difference between a legitimate e-mail and a phishing scam sitting in your in-box? Then according to sonicwall most of the internet users won’t be able to spot the difference. To help internet users sonicwall has a free online test for Phishing and Spam IQ questions. sonicwall offers a series of E-Mails asking users to identify them as Phishing, Legitimate or No Answer.


Read more…

Ajay Pathak 23 November 2008 Education, Security , , , 1 Comment

Top 10 Spam Friendly ISP’s

Spammers are using Internet service providers to spread spam and warms over the internet. spamhaus, a group that tracks unsolicited commercial e-mail released a list of top 10 ISP’s that are favorite of most of the spammers. Microsoft one of the largest software vendor has a been ranked at number 6 previously Microsoft holds the number 9th position. This shows spammers are really loving Microsoft internet resources including Live services and other services.


Read more…

Ajay Pathak 23 November 2008 Security , 1 Comment

Major Online Threats to Your Business

It’s not a computer security expert protect your company’s network it’s the awareness regarding the online threats in your organization will protect your organization’s network. Awareness of key threats will enable you to employ practices and behaviors that limit your company’s risk. Lets have a closer look into major online threats for your business.

Spam: E-mail spam, also known as "bulk e-mail" or "junk e-mail," is a subset of spam that involves nearly identical messages sent to numerous recipients by e-mail. A common synonym for spam is unsolicited bulk e-mail (UBE). Definitions of spam usually include the aspects that email is unsolicited and sent in bulk. Opening spam E-Mails can put viruses, Warn and other malicious code into your computer system and make your computer system more vulnerable for computer attacks. vulnerabilities came form spam’s can be capable of disabling your corporate network or steal important corporate, employee data from your computer system. Distributing spam should also be a concern for you.

Sabotage by an employee: A knowledgeable employee can easily put a malicious program on your network. It then could be used to steal information that the employee could not otherwise access. No one should have sole access to any area of your network. You should keep an eye on things, too. If your antivirus software is not working properly, you may have an internal problem. Same goes for firewall failures. You should have more than one person who is familiar with the network, in addition to yourself. This is similar to accounting controls, where no one person can access the money. Two employees should be watching things. You should be watching, too.

Virus: A computer virus is a computer program that can copy itself and infect a computer without permission or knowledge of the user. viruses can be classified into four major categories File Infectors,System or boot-record infectors, Macro viruses and multi-part viruses. Viruses and worms will slow down your computer system’s performance and reduce productivity.  At their worst, viruses and worms can enable hackers to steal valuable corporate, customer or employee information, increase Spam, delete files or crash your entire computer system. viruses and worms are some of the most preventable threats that your company will face. Employing simple majors prevent organizations from viruses and worms.

Phishing: Phishing is online identity theft in which confidential information is obtained from an individual. It is distinguished from offline identity theft such as card skimming and “dumpster diving,” as well as from large-scale data compromises in which information about many individuals is obtained at once. Phishers accomplish their scams in following way

  • Fraudulent Emails

  • Keystroke Programs

  • Web Site Hijacking

Phishers can replicate your logo and other identifiable characteristics to trick consumers.  Any attack using your brand can damage your corporate reputation, cost you money and drive away customers. Key steps to reduce the risk of a phishing attack include:

  • Monitor or Register Sites with Similar Spelling To Yours
  • Prepare.  Phishers often leave a trail of evidence so be prepared to identify the clues that a phishing attack is in its early stages:
    • Provide your customers with an email address that allows them to validate that an email they receive with your logo, etc. is really from you.
    • Monitor returned email messages as phishers often may hijack your email address to send bulk emails.
    • Log your customer service calls and check for spikes in certain types of complaints such as a password inquiries and changes.
    • Check for unusual customer account activity that has large volumes of logins, password changes, purchases, withdrawals, etc.
    • Regularly search the Internet for use of your corporate logos.

Source : staysafeonline Major Online Threats to Your Business

 

antiphishing.org

Ajay Pathak 4 October 2008 Security , , No Comments

Gmail’s Spam Bug is Now Fixed

In recent days Gmail users noticed that they are getting more spam messages as compare to previous days. This was a bug causing more spam messages are coming to Gmail uses inbox now Google has fixed this bug. In recent months this is the second time when Gmail users reported spam problems in Gmail’s  official discussion forum. On Thursday, a Google employee named Sarah chimed in by posting to the main thread devoted to this topic to say that the complaints were well-founded and had pointed Google toward a solution.

Sarah chimed  Wrote

Sorry to hear that this problem returned. Thanks to your reports, we were able to find and fix a problem in our classification system. Please let me know if you continue to experience this issue.

Gmail also having some issues with the notification services with their Google Apps Premier customers

Ajay Pathak 20 September 2008 Google, Security , , No Comments

Spammers Using Amazon EC2 to Spread Spam

Amazon Web Services Spammers are now using Amazon’s Clod service EC2 (Amazon Elastic Compute Cloud). Over last couple of days Sophos has detected a good amount of spam messages, telling users that your computer require a critical Microsoft Windows Update. This is oldest and best trick used by spammers to spread spam messages. There is no clear indication why spammers using Amazon EC2 to spread the spam messages but may be Amazon EC2 is well know and trustworthy site, users will be fooled into getting infected.

In order to stay protected, you should disregard any message with the following subject lines:

  • Critical Microsoft Update
  • Critical Update Notification
  • Important Microsoft Update
  • Important Update Notification
  • Important Windows Update.

Basically, anything stating that you need some sort of critical update.

Spam message Screenshot taken from Sophos website

Amazon EC2 Spam Message

Alert message of Sophos Anti-virus

Alert message of Sophos Anti-virus

The emails arrived via an IP that is part of a botnet:

Received ip address

helo thumb Spammers Using Amazon EC2 to Spread Spam

Ajay Pathak 2 July 2008 Amazon, Security , No Comments
Page 1 of 11
Page 1 of 11