Mega-D Botnet back after McColo shutdown
Well it was a nice but brief vacation from three of the big Botnets as McColo was shut down last month but by all reports the Mega-D botnet looks to be back and at near full strength.
Posts filed under 'CudaMail'
Internet Relay Chat (IRC) re-gaining in the Billion-dollar underground economy
Over at IT Business they are reporting that Internet Relay Chat or IRC is again a popular place for Cyber Criminals to hang out and market their ill-gotten gains. With a market estimated at 7 Billion dollars you can be sure that they aren’t going away anytime soon.
Reduce Your Spam with a Disposable E-mail Address
Some sites that you go to want you to register and provide a valid e-mail address to send you your password or a signup verification link.
Dilbert – Our Spam Filter Has Become Self Aware?
Has it come to this? Do we need an anti-spam engine so powerful that it becomes self aware?
How To Stop a Spammer – Go After His Bank Account!
The US Federal Trade Commission along with their counterparts in New Zealand and Australia have finally made a dent in the spam volume. As reported by the The Register and IT Brief, a two month investigation involving international cooperation has resulted in the laying of charges against Shane Atkinson …
Airline E-ticket Email Scam
With so many people cutting back on travel because of the high fuel prices the chance of getting a ‘free’ airline ticket anywhere will surely entice some percentage of people to open this attachment and get infected. If it sounds too good to be true… you know the saying.
CudaMail is currently blocking these as Trojan.Zbot variation.
- Shaun
US-CERT Current Activity
Airline E-ticket Email Attack
Original release date: July 31, 2008 at 9:15 am Last revised: July 31, 2008 at 9:15 am
US-CERT is aware of public reports indicating that a new email attack is circulating. This attack uses email messages that appear to be from legitimate airlines and contain information about a bogus e-ticket.
These email messages instruct the user to open the attachment to obtain the e-ticket. If a user opens this attachment, a file may be executed to infect the user’s system with malicious code.
Reports, including a posting by Sophos, indicate that these messages have the following characteristics. Please note that these attributes may change at any time.
- The subject line “E-Ticket#XXXXXXXXXX”
- An attachment named “eTicket#XXXX.zip”
US-CERT encourages users and administrators to take the following preventative measures to help mitigate the security risks:
- Install anti-virus software, and keep its virus signature file up to date.
- Do not open attachments in unsolicited email messages.
- Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
- Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.
Relevant Url(s):
- www.us-cert.gov/cas/tips/ST04-014.html
- www.sophos.com/security/blog/2008/07/1604.html
- www.us-cert.gov/reading_room/emailscams_0905.pdf
====
This entry is available at
Here are some more Blog articles on Airline Ticket Email Scams:
Update of the McAfee S.P.A.M Experiment
While McAfee is supposed to release the full report today one mother of three named Tracey Mooney has already talked to Network World and given her version of the experience of being deliberately naive on the Internet for a month. The outcome?
