Help | Contact | Forum | Affiliates | Press
Purchase
Download
Features
Screenshots
Demo
It's a time for romance, for Cupid's arrow, and perhaps a male enhancement drug from a fake online pharmacy. Valentine's day spam and scams are showing up in inboxes in anticipation of the upcoming holiday. The messages, with timely sales pitches like "Increase your length, the best valentine's gift," join a flood of other crap mail that has spam levels back up to where they were prior to the McColo shutdown success in November. In addition to listing other eye-rolling Valentine's spam subjects like "Great watches for your Valentine," Symantec's State of Spam report for the month (pdf) adds to evidence that, as expected, junkmail spreaders have found other ways to spread their spam after McColo, a company that provided Internet homes for many spam spreaders, was cut off. It was a major victory, but one all the experts predicted would be short-lived. Sadly, the experts were right. According to Symantec's report, spam levels are back up to around 79 percent of all e-mail, just about the levels prior to the McColo takedown.
When it comes time for spammers to register their Internet domain names, some companies are more popular than others. Spam-fighting organization KnujOn has released a report on the top 10 registrars it has linked to spam and other illicit activity. It found that some companies have cleaned up their act in recent months and that others -- most surprisingly Network Solutions and GoDaddy sister company Wild West domains -- have suddenly popped up on the list. Domain name registrars are in a unique place when it comes to fighting malicious activity on the Internet. Because spammers tend to register many different domain names in the hope of evading antispam detection software, they can be very lucrative customers for the registrars. But registrars are also in the best position to wipe Web sites used by fraudsters off the Internet, because they can very easily remove fraudulent domains from their databases -- effectively dropping the scammer from the Internet. Some registrars respond aggressively to reports of malicious activity within their domains, while others take more time, according to Garth Bruen. The point of the report is to highlight the registrars who could do more to clean up their act. "Because this has been a free-rein, profit-driven enterprise, the registrars have made up their own rules," he said.
An enterprising group of criminals has been using a real-world scam in an effort to spread malware. The attacks reportedly began with a series of phony parking tickets issued in Grand Rapids, North Dakota. Individuals had the tickets placed under their windshields along with instructions to visit a website. Sans Institute security researcher Lenny Zeltser said that the website contained a number of photos of vehicles from Grand Rapids, and advertised a searchable archive of "bad parking". The photos had been edited to remove licence plate information. Users visiting the site were instructed to download an executable 'toolbar' in order to search for their own cars. The executable contains a Trojan application, however, which attempts to download a number of other malicious applications onto the victim's PC.
A recent error over at Google resulted in a huge smattering of sites being identified as malware-hosting that were actually in the clear. The problem was so large, that for a brief while every site searched for was listed as being home to malware. While Google got the problem fixed in short order, it ended up bringing StopBadware.org to its knees with the incredible amount of traffic redirected to it by Google. After admitting they were to blame, Google cleared up the situation and went on their way. Unfortunately for many actually legit sites, it seems that in the process they were erroneously identified as harmful, and still remain tagged despite the problem being fixed. This has caused considerable upset with many website owners, who are unhappy with Google's automated system of removal. StopBadware.org is extending a hand to those who need help, with a manual review system that lets website owners have their site inspected for malware and their names cleared. Google's level of automation is very high, and due to how well their services normally work it has rarely caused a problem. Anyone who used Google during that one-hour window over the weekend saw just how bad things can get when that automation goes wrong, however. The sites misidentified by them no doubt suffered because of that, not only being denied traffic but harming their reputation. Luckily for them, they do have sites like StopBadware.org on their side when things go wrong.
BUCHAREST, ROMANIA - The word "UND" (German for AND) has been identified as the top spam word in Spam Omelette, BitDefender's weekly review on spam and the latest industry trends. Spam Omelette is part of MalwareCity.com, which is supported by BitDefender®, an award-winning provider of antivirus software and data security solutions. In week 12 of the Spam Omelette reports, the top spam words include: 1. UND -- Ranking first in this week's spam top, the word "UND" (German for AND) has been detected by the BitDefender spam researchers in unsolicited messages promoting explicit adult video content. 2. EMAIL -- The word EMAIL ranks second this week. While previous campaigns were accompanied by relevant images related to sexual enhancement pills, the new spam wave only displays a discreet banner advertising "Shop Best Sellers." 3. RECEIVE -- Ranking third in Spam Omelette is the word "RECEIVE," which has been detected in messages sent by the online gambling website PokerSavvy. The message asks receivers to start inviting their friends to the poker table in exchange for extra credit points. 4. UNSUBSCRIBE -- The word UNSUBSCRIBE ranks fourth this week and is used in messages impersonating legitimate newsletters. The spam message contains a disclaimer mentioning a trustworthy company as well as a forged unsubscribe link that validates victims' email addresses as being in use. 5. TIME -- The word TIME ranks last in Spam Omelette's weekly top and has been detected in messages advertising Canadian Pharmacy drugs.
You might have slept through it, but Google had a massive malware mix up Saturday morning, leading to questions about whether one company has inordinate influence over web life. From about 9:30 a.m. EST to 10:25 a.m., Google searches warned that every site it indexed contained malware that could “harm your computer.” Even trusted sites such as CSMonitor.com, the NYTimes, and Google’s own pages received this troubling alert – only YouTube seems to have escaped the glitch. Users brave enough to click on the search results anyway received a second safety warning: “Visiting this web site may harm your computer! … Return to the previous page and pick another result.” But there were no other results; Google labels entire web as “malware.” The problem was “human error,” explains the company. Someone accidentally updated Google’s logs to flag every site with a “/” in its URL. Unfortunately for Google, every site has a “/” in its URL. The snafu confused users and infuriated web businesses, which saw a big dive in hits during the hour-long mix up. Google corrected the records, but concerns remain. Has Google grown too big? In an editorial called “Google’s flub: Do we have a Web monoculture too?” ZDNet editor in chief Larry Dignan writes that: “to many folks Google is the Window to the Internet. If folks can’t Google people are simply lost. That fact alone probably qualifies Google as a Web monoculture although it may be a touch premature to make a definitive call. However, Google touches everything and frankly that’s a bit worrisome.”
We all know that opening e-mail from unknown senders is a major security no-no. But how about visiting your bank's Web site? Or your favorite online business magazine? According to a new study from IBM, even those activities pose growing danger to Web surfers. The company's latest X-Force Trend and Risk report found that businesses' sites are increasingly likely to expose customers to security threats because they fail to keep them properly updated with the latest software patches. That failure makes it easy for hackers to sneak malware onto legitimate sites that steals personal information or takes over visitors' PCs to create botnets. "Web applications, in particular, are increasingly vulnerable and highly profitable targets for helping the criminal underground build botnet armies," the report said. IBM's (NYSE: IBM) findings come as the latest sign that attackers and information thieves are pursuing increasingly sophisticated tactics for growing their botnets and harvesting user data. In recent months especially, hackers have stepped up efforts to spread malware by trading on legitimate sites' good names.
More than half of the security vulnerabilities disclosed during 2008 had no patches available from the vendor by the end of the year, according to a report released on Monday by IBM's X-Force research group. Meanwhile, 46 percent of vulnerabilities from 2006 and 44 percent from 2007 still had no patch by the end of 2008, the 2008 X-Force Trend and Risk report said. X-Force documented a record number of 7,406 new vulnerabilities last year. Overall, Microsoft is the vendor that tops the list in percentage of vulnerabilities disclosed, the report said. The Macintosh and base Linux kernel operating systems have dominated the top spots for vulnerabilities by operating system over the past three years, the report said. There were no breakdowns by vendor or operating system for unpatched vulnerabilities. Most of the spam last year appeared to come from Russia (12 percent), followed by the U.S. (9.6 percent), and Turkey (7.8 percent), although the spam senders could be located in a different location, the report says. China unseated the U.S. as the country hosting the largest number of malicious Web sites for the first time last year.
Spyware is software that is installed on your computer without your knowledge or consent, and it monitors or controls your computer use. Indicators that spyware is on your computer may include a salvo of pop-ups, a browser that takes you to sites you do not want or intend to visit, unexpected icons on your computer screen, random error messages, and sluggish performance when opening programs or saving files To lower your risk of spyware infections, you should: # Update your operating system and Web browser software, and set your browser security high enough to detect unauthorized downloads. Your operating system may offer free software "patches," according to the Federal Trade Commission, to close holes in the system that spyware could exploit. Set your operating system and security software to update automatically to be sure you have the latest protections. # Use anti-virus and anti-spyware software and a firewall, and update all of them regularly. You can download this software from Internet Service Providers (ISPs) or purchase it in retail stores. Look for anti-virus and anti-spyware software that removes or quarantines viruses and that automatically updates on a daily basis. # Download free software only from sites that you know and trust. Free software can be enticing, but usually they are bundled with other software that could be harmful to your computer. Be aware, however, that some of these free software applications bundle with other software that may include spyware. Talk with kids about safe computing. # Do not click on links inside pop-ups. Instead, close the pop-up by clicking on the "X" icon in the title bar.
We’ve known for a while that there are a lot of bad websites out there that could damage your computer or wish to stealing your personal information. But this morning, it was revealed that 100 percent of all websites wished to do you harm — or at least, according to a little search site called Google that is. Yes, between 6:30 AM PST and 7:35 AM PST, every single listing for every single search done through Google was flagged with the warning “This site may harm your computer,” Google’s vice president of search product and user experience, Marissa Mayer explained today on the Google Blog . While this was obviously an error — and a bad one — the blame game led to some further confusion. Initially, Google noted that the site StopBadware.org provided its badware data (a listing of sites that intend to harm visitors), and seemed to indicate that being the root of the error. In fact, StopBadware.org does not provide Google with badware data, but instead simply helps Google come up with the cirteria for maintaining its own list. Google updated its post to clarify that it was in fact Google’s own fault and StopBadware.org wrote it own post on the matter as well. Mayer notes that users who saw the erroneously flagged search results only encountered them for about 40 minutes or so. Still, it’s worth repeating that it was every single page that Google indexes on the Internet that was flagged as spam during that time period.
