April highlights: new spamming technique and Olympics themed targeted attacks
On the cusp of the 30th anniversary of the first spam message, MessageLabs identified a new spamming technique being used to send authenticated spam email via Yahoo!’s SMTP servers. This spam attack accounts for one percent of all spam intercepted in April and has been used to advertise services for Canadian Pharmacy, a well-known spam operation. By using the SMTP server and a DomainKeys Identified Mail (DKIM) authentication technique, the spammers can ensure that the email generated is harder to block based on traditional anti-spam methods.
In addition, MessageLabs Intelligence reported targeted attacks reaching new heights this month, with MessageLabs intercepting approximately 70 targeted Trojans per day, an increase of 250 percent on the December 2007 levels of 28 per day. Leveraging interest in the Beijing 2008 Olympics Games, MessageLabs has intercepted 13 separate Olympic themed attacks over the past six months which use legitimate-sounding email subject titles, such as “The Beijing 2008 Torch Relay” and “National Olympic Committee and Ticket Sales Agents”. Some attacks purported to be from the International Olympic Committee, based in Lausanne Switzerland, however in reality all of the attacks but one were sent from an IP address within Asia Pacific.
Finally, MessageLabs has uncovered a new way that scammers are abusing professional social networking sites like Linked-In. For the first time, they are taking advantage of these sites to lend legitimacy to Nigerian 419 advance fee fraud scams by creating profiles with false credentials that pertain to the business involved in the scam.