Kaspersky Lab publishes the article "Fraudulent spam"

28 Jul 2008
Virus News

Kaspersky Lab, a leading developer of secure content management solutions, announces the publication of the article “Fraudulent Spam” by Natalya Zablotskaya, an anti-spam analyst at the company. The article describes how spam messages are used to gain access to personal information and con users out of money.

Spam attracts cybercriminals and fraudsters of all types because state-of-the-art spam technologies not only allow spammers to trick users but also conceal their activity. Phishing messages, one of the most hostile types of fraudulent spam, are used by spammers to obtain personal data – user logins, passwords, credit card numbers and PINs – with the aim of stealing money. Most often, phishing attacks target clients of online banking and payment systems. With the development of online banking on the Russian-language Internet phishers are increasingly targeting the accounts of Russian users.

Phishing messages imitate the correspondence of legitimate organizations (banks, financial companies, or payment systems). They encourage recipients to “confirm” their personal data on some pretext or other. These messages contain a link to a fake page where users are asked to enter their data which then falls into the hands of criminals. The fake page is usually an exact copy of the official site of the organization that supposedly sent the message (the sender’s address is also false) so that users do not suspect anything.

In addition to phishing, cybercriminals make use of lots of other tricks to catch out hapless users. The article describes the most widespread types of fraudulent messages such as Nigerian letters, notifications of fake lottery wins, offers to use “errors” in payment systems, or a “hole in the script” making it “possible to win in an online casino”. Those who are tempted by quick profits are promised a good return for doing almost nothing.

The author of the article underlines the increasingly hostile nature of fraudulent spam, with spammers honing their skills and carrying out targeted attacks. So as not to fall victim to “well-wishers” offering fast and easy ways of enrichment, email recipients simply have to be careful, though it can be difficult to detect more sophisticated spammer tricks. Phishing, however, requires the use of specialized software protection. To be on the safe side, users should never believe the “good intentions” of spammers, and install software which provides reliable protection from spam, phishing and malicious programs. Though these recommendations may seem trivial, adhering to them will save both the data on your computer and your money.

The full version of the article is available at Viruslist.com.