About us | Advertising | SecurityWatch
Home   Articles   Blog   Reviews   Press Releases   Security Tools   Sponsored Solutions
Press Releases
Spyware Used By Spammers In New Twist On Spam Attacks
Tuesday, 22 June 2004 18:19 EST

London, 22 June 2004, Spammers have started using spyware in a move towards more sophisticated and targeted spam attacks, according to MessageLabs, the leading provider of managed email security services to businesses worldwide. Hacking software, known as spyware, is being installed on victims machines to automatically send personal information about the user of the machine back to the spammer, who then includes that information in the subject line of subsequent spam emails. The idea is that by using familiar words and phrases, such as passwords, a pets name, or a company name, users will be more likely to open the email.

MessageLabs discovered the use of this new technique last week, as part of their analysis of the 50 million emails a day scanned on behalf of its 8,500 customers.

Matt Sergeant, MessageLabs? Senior Anti-Spam Technologist, explains:

The spyware finds its way on to machines in the usual ways, and is then used to log personal information and send it directly back to the spammer. These details are then incorporated into spam emails and sent back to the unlucky victim, who might not be suspicious of the emails because they seem to contain information directly relevant to them. If you receive an email with your son or daughters name in the subject line, for example, you're unlikely to delete it. This represents a shift on behalf of some spammers from a random, scattergun approach to a more tailored attack. As yet it does not seem to be a widespread technique, but we expect it to become more common and computer users should be on their guard.

The convergence of spyware and spam is the latest milestone in the evolution of spamming techniques as we increasingly find that spammers, virus writers and hackers are combining their malware to create evermore sophisticated email security threats. It is further evidence that the lines between the different types of email security threat are becoming more and more blurred.

About MessageLabs

MessageLabs is the leading provider of managed email security services to businesses worldwide. The company currently protects more than 8,500 global businesses from email threats such as viruses, spam and other unwanted content before they reach their networks and without requiring additional hardware or software. Powered by a global network of control towers that currently spans the United States, the United Kingdom, Germany, the Netherlands and Hong Kong, MessageLabs scans 50 million emails a day on behalf of customers such as The British Government, The Bank of New York, EMI Music, HealthPartners, StorageTek, Air Products and Chemicals, SC Johnson, Condast Publications, Fujitsu and Diageo. For more information on MessageLabs and its industry-leading email security and management services, please visit: www.messagelabs.com



Featured Articles

Tribal thinking in today’s IT
George Santayana once famously observed; “Those who cannot remember the past are condemned to repeat it.”. But when it comes to IT security, a better way of thinking might be; “those who fail to understand the impact of the past on their thinking may find themselves somewhat exposed”…

You can’t manage what you can’t see!
Security threats have grown more menacing with the appearance of the likes of Sober, Mytob, and Bagle. Along with the newer trends of spyware, phishing and key logging the implications of ineffective information security have become potentially debilitating to business operations and indeed strategy.

Endpoint Security: the biggest threat to your organisational flexibility
The development and execution of an endpoint security strategy is an increasingly important and urgent issue for businesses of all sizes. Many are executing – or wanting to execute - flexible working practices and organisation models that leverage contemporary technology.
Scan all company email for viruses, Trojans and worms with 4 virus engines, all in one package - GFI MailSecurity for Exchange/SMTP! Download your free 60-day trial today!

Check your website security with Acunetix Web Vulnerability Scanner. Audit your web applications for SQL injection, cross site scripting & more. Download trial!

Network Security Tools

SpyDefense
SpyDefense protects your computer against annoying, and harmful software such as Spyware, Adware, Trojan horses, etc. SpyDefense is anti-spyware software that prides itself on a very user friendly environment.


Proactive Security Auditor
Proactive Password Auditor is a password security test tool that's designed to allow Windows NT, Windows 2000, Windows XP and and Windows Server 2003-based systems administrators to identify and close security holes in their networks.


File Securer
File Securer is a powerful tool designed to protect your sensitive folder and personal file. With strong security, File Securer embeds the protect into windows system kernel, both on command mode and window mode, all work professionally.




What's up, IT? Blog

Phishing By The Numbers: 41,000 Blocked Sites in 2005
Top 7 PHP Security Blunders
The human factor and information security
Why I Love Vulnerability Analysis In 2005
IT security fear factor: Tape backups
Uncovering Cyber Flaws
State of the security mart
When the hardware gets smart
Security for SMBs
Four Security Resolutions For The New Year

Copyright © IT-Observer.com 2000 - 2006    Privacy Policy | RSS Feeds
Site Meter