Boxbe Blog » Malware

Holiday coupon phishing scams

Randy Stewart, Product Manager — Thu, 06 Dec 2007 23:26:17 +0000

The Associated Press is warning email users yesterday to be wary of coupons that they have received via email.

Instead of money saving deals, e-mailed coupons could lead recipients into “phishing” schemes where the consumer is redirected to a copycat site, whose real purpose is to siphon the user’s credit card information, passwords and other financial data, IBM Corp. security executive Christopher Rouland warned.

If you are a Boxbe member and have approved email from say Amazon.com, messages from a an address that claims to be from Amazon, but really aren’t, won’t make it through to your inbox.

Boxbe uses two email authentication methods (DKIM and SPF) to verify that the emailer is who they claim to be. DKIM and SPF are two email authentication standards backed by Google, Microsoft, Yahoo!, and AOL. Boxbe blocks messages that come from senders who claim to be someone that they are not

Be safe out there this holiday season and let us worry about your email.
Read

image from Flickr user skrewtape.

Spam and economics

Randy Stewart, Product Manager — Fri, 21 Sep 2007 18:10:40 +0000

Ok, this one is completely for Thede, but if you’re interested in looking at finding spammers and other ne’er do wells using an economic angle. This a fascinating look into the minds of malware producers.

From the abstract:

“Computer security has recently imported a lot of ideas from economics, psychology and sociology, leading to fresh insights and new tools. I will describe one thread of research that draws together techniques from fields as diverse as signals intelligence and sociology to search for artificial communities. “

[via Akismet]

Dad, where does malware come from?

Randy Stewart, Product Manager — Tue, 11 Sep 2007 16:50:19 +0000

Ever wonder where spam, viruses and malware come from? Apparently, it comes from the mob.

Tony Soprano, spammer?

Auckland, New Zealand based computer security expert, Peter Gutmann has an informative presentation on the subject here. Malware, it seems, has become quite an industry and Gutmann posits that much of it is being ran by various mafias around the world.

Organized crime recruit so-called “script kiddies” that are writing malware and viruses for fun and pay them to turn their software into money making machines. Gutmann cites a number of internet business practices that have been employed by such as “Malware as a Service,” making it easier than ever to spam people.

A deal you can’t refuse

Gutman, the self proclaimed “professional paranoid,” goes into a high level of detail of exactly how people in the malware industry make money.

Here are a few examples:

$1 per credit card numbers down to the verification number
$40 credit card, with date of birth and social security number
$1000 for 10,000 compromised computers.

Additionally, he takes a technical deep dive into how malware authors hide what they are doing.

If you are an aspiring spammer or virus maker, this is must read. For everyone else, read the end of the document about how to keep yourself safe.

Peter Gutmann
Economics of Malware pdf
[via Metafilter]