What is Spam and a Phishing Scam - Definition

*Spam is a form of electronic junk mail sent en masse to users. While annoying in its own right, it can potentially be very dangerous if part of a larger phishing scam. Phishing scams are a form of cybercrime that involves defrauding users by acting as legitimate companies or organizations in order to obtain sensitive information such as passwords and login credentials.*

Spam is the electronic equivalent of the ‘junk mail’ that arrives on your doormat or in your postbox. However, spam is more than just annoying. It can be dangerous – especially if it’s part of a phishing scam.

Spam emails are sent out in mass quantities by spammers and cybercriminals https://usa.kaspersky.com/internet-security-center/threats/cybercrime that are looking to do one or more of the following:

  • Make money from the small percentage of recipients that actually respond to the message
  • Run phishing scams – in order to obtain passwords, credit card numbers, bank account details, and more
  • Spread malicious code onto recipients’ computers

How to protect yourself against spam email and phishing

Here are some useful tips – from Kaspersky Lab’s team of Internet security experts – to help you reduce the amount of spam email you receive:

  • Set up multiple email addresses It’s a good idea to have at least two email addresses:
    • Private email address This should only be used for personal correspondence. Because spammers build lists of possible email addresses – by using combinations of obvious names, words, and numbers – you should try to make this address difficult for a spammer to guess. Your private address should not simply be your first and last name – and you should protect the address by doing the following:
    • Never publish your private email address on publicly accessible online resources.
      • If you must publish your private address electronically, try to mask it – in order to avoid having the address picked up by spammers. For example, ‘[email protected]’ is an easy address for spammers to find. Try writing it as ‘Joe-dot-Smith-at-yahoo.com’ instead.
      • When you need to publish your private address on a website, it’s safer to do this as a graphics file rather than as a link.
      • If your private address is discovered by spammers – you should change it. Although this may be inconvenient, changing your email address will help you to avoid spam.
    • Public email address Use this address when you need to register on public forums and in chat rooms, or to subscribe to mailing lists and other Internet services. The following tips will also help you to reduce the volume of spam you receive via your public email address:
    • Treat your public address as a temporary address. The chances are high that spammers will rapidly get hold of your public address – especially if it is frequently being used on the Internet.
      • Don't be afraid to change your public email address often.
      • Consider using a number of public addresses. That way you’ll have a better chance of tracing which services may be selling your address to spammers.
    • Never respond to any spam Most spammers verify receipt and log responses. The more you respond, the more spam you’re likely to receive.
  • Think before you click ‘unsubscribe’ Spammers send fake unsubscribe letters, in an attempt to collect active email addresses. If you click 'unsubscribe' in one of these letters, it may simply increase the amount of spam you receive. Do not click on 'unsubscribe' links in emails that come from unknown sources.
  • Keep your browser updated Make sure that you use the latest version of your web browser and that all of the latest Internet security patches have been applied.
  • Use anti-spam filters Only open email accounts with providers that include spam filtering.

Sent with MailTrack https://mailtrack.io/install?source=signature&lang=en&[email protected]&idSignature=22

'Resume' Spam Used to Spread CryptoWall 3.0 Ransomware

“*Hello, my name is XXXXX. Resume attached. I look forward to seeing you. Sincerely yours, XXXXX*”

With a short, simple message sent via email, a curious recipient could be lured to look into and access an attachment that was designed to look like a resume. And with one click of a download button, the recipient's system can be infected with ransomware. The method used may be simple, but the effect could be crippling.

A new spam run was recently spotted involving a ransomware http://www.trendmicro.com/vinfo/us/security/definition/ransomware#The_Evolution_to_CryptoLocker-carrying attachment. The scheme invites the recipient to download and view the sender’s resume (my_resume_pdf_id_1422-7311.scr), which leads to the execution of a malicious file. Once downloaded and executed, the affected system is locked down and displays a message that notifies the victim that the files are encrypted with RSA-2048 https://en.wikipedia.org/wiki/RSA_(cryptosystem) using CryptoWall 3.0 http://blog.trendmicro.com/trendlabs-security-intelligence/cryptowall-3-0-ransomware-partners-with-fareit-spyware/. Ultimately, this means that the documents and data stored in the system can no longer be accessed unless the victim pays the cybercriminal.

CryptoWall 3.0

Crypto-ransomware http://blog.trendmicro.com/trendlabs-security-intelligence/threat-refinement-ensues-with-crypto-locker-shotodor-backdoor/, widely-publicized as the more lethal descendant of ransomware, possesses advanced encrypting capabilities that make files unusable unless a ransom is paid. Last year, a crypto-ransomware variant, CryptoWall, made noise as the final payload of spammed messages http://blog.trendmicro.com/trendlabs-security-intelligence/social-engineering-watch-upatre-malware-abuses-dropbox-links/ that directly opens a Tor website used to extort money from its victim.

CryptoWall 3.0 is another evolved variant that uses hardcoded URLs that are heavily obfuscated to evade detection. This buys the malware more time to communicate to a C&C server and acquire the RSA public key needed to carry out its file encryption tactics. The C&C server is different from its payment page, which still uses Tor, to ensure that such transactions will continue running without interference from the authorities. CryptoWall 3.0 also employs “smarter” measures of deleting the target system’s shadow copies to prevent attempts of restoring files to its previous state—leaving a victim without any other option but to pay up. Read the source story here http://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/-resume-spam-used-to-spread-cryptowall-3-0-ransomware

Real Time Web Analytics