Spam and Phishing

The end of 2010 was a rather bad time to be a spammer. Thanks to an industry-wide effort that included botnet takedowns and legal cases, we saw a dramatic shift in the way spammers used unsolicited e-mail to make money.

The news of the death of Elizabeth Taylor is already being used in social engineering scams on Twitter.

Last week, we published a blog post regarding the ongoing spam campaign using the recent earthquake in Japan to infect users. According to our analysis, it seems that the malicious links from the spam emails lead to websites hosting the Incognito Exploit Kit.

As was predicted by many, email scams soliciting donations for Japan are appearing in user’s inboxes. We took a closer look at one of these messages and identified the following details.

Kaspersky Lab has detected a malicious spam campaign using the recent earthquake in Japan to infect users.

In this episode of Lab Matters, Kaspesky Lab malware researcher Tim Armstrong joins Ryan Naraine to examine the security posture of the Android mobile operating system. Armstrong looks at strengths and weaknesses of the open-source platform and warns about the risks associated with jailbreaking/rooting Android devices.

Kaspersky Lab recently discovered a new ongoing spam campaign on Twitter. A Twitter account is actively sending tweets to random people with links to a video. Here’s one of the messages:

Here’s the latest of our malware wallpaper calendars.

Here’s an unusual spam message that turned up today.

This section of the report forms part of Kaspersky Security Bulletin 2010 and is based on data obtained and processed using the Kaspersky Security Network (KSN). KSN integrates cloud-based technologies into personal and corporate products and is one of Kaspersky Lab’s most important innovations.

It’s February, and that means Valentine’s Day-related spam. Lots of it! There are already loads of adverts offering expensive alcohol and chocolates, jewellery and leather goods, romantic trips for two etc.

In January we published the first of our malware wallpaper calendars. Here’s the latest wallpaper.

The criminals seem to have enough stolen information like credit card PINs, as well as details for online banking accounts and payment systems. Their problem now is how to launder the money they have made.
Our statistics confirm it.

Cybercriminals like to register domain names that are very similar to actual, well known domain names but with one or more letters changed. In many cases a potential victim will mistype a letter and in this way arrives at a fake Web site instead of the original one.

This new worm is propagating via e-mail with a backboned administration through a crimeware pack called BOMBA. The scam messages come with a message to a fake eCard requiring installing Flash Player (an old scammers trick).