Tuesday, August 28, 2007

A new type of spam

Digg this

Just got this in my e-mail in-box:

---------------------
We Need Beta testers to try out our new software Office Tools Plus

This will help us get the software ready for consumer release. For helping out, you will receive a free edition and 5 years of updates.

1: Download the software 2: Try it 3: Tell us what you think Here is your chance. Follow the link to our secure download center:
http://68.202.*.*/setup.exe
---------------------
(IP address removed for obvious reasons)

A new type of spam has appeared. Instead of saying "Hey idiot, download this perfectly obvious EXE that is going to install a virus" they are covering it up with "You can be a beta tester for our new Office Tools product....the download for beta testers is here: [link]". Social engineering at its finest.

The average user who has heard of beta testing will probably be enticed into downloading the file and running it. Who doesn't want to be a beta tester for a product that won't cost them a penny and possibly improve their productivity?

This is a dangerous new type of spam. A number of people are going to fall for it - it plays on social desires to beta test/try out new products. My guess is that it contains botnet software. On the plus side, a lot of users won't fall for it because there is no associated "click here to learn more about this software" sort of link that takes them to a page that describes how the software works, complete with screenshots. I'm sure the spammers will eventually start doing that, but it'll take a while.

Of course, I use an anti-spam tool called Spambayes. It is free software and works really well. I just have to train it a couple times on messages like the above and all future messages that are similar in nature will vanish.

And don't bother telling me the merits of Linux, Mac OSX, etc. I've heard it all and I've even used them both.

No comments:

Post a Comment