Saturday November 22, 2008 7:19 AM AEST
Vulnerability Alerts
SANS
 
Microsoft
 
CERT/CC
 
 
Latest Comments
"when i login to face book it tells me i am cookies enabled what does this mean"
on Ads on Facebook serving up adware
by celeste | Nov 21, 2008 5:15 PM
 
"Hi this is the mail I received Brett Karpman show details Nov 17 (3 days ago) Reply Atten..."
on Yahoo and Microsoft take aim at lottery scams
by Rodney Churchyard | Nov 20, 2008 6:13 PM
 
"security through obscurity...shows how detached HIPAA is from reality."
on Privacy breaches causing business instability
by priceOfFishInChina | Nov 20, 2008 1:19 PM
 
"Umm. no. The 6.5 product is mounting the offline VM image and performing a scan for patch ..."
on Shavlik Technologies to broaden its patch management offerings
by eric | Nov 20, 2008 8:15 AM
 
"it's great i tried it"
on McAfee offers free trial of security appliance
by divyacharan | Nov 20, 2008 12:24 AM
Email Security

Spammers exploit Google Docs

  • Email a Friend
  • Print Page
Related Articles
By Robert Jaques
Jun 4, 2008 10:04 AM
Tags: Spammers | exploit | Google | Docs | |
MessageLabs' latest Intelligence Report attributed this hike to a change of tactics in which spammers are moving away from a reliance on email attachments.

Spammers are instead moving towards the exploitation of free mainstream hosted services such as Google Docs, Google Calendar and Microsoft SkyDrive.

"The savvy and accurate cyber-criminals of today seem to have abandoned the attachments tactic that was so innovative in late 2007 and are exploiting free hosted applications which have become mainstream in 2008," said Mark Sunner, chief security analyst at MessageLabs.

"The spammers are taking advantage of the fact that these services are free, provide ample bandwidth and are rarely blacklisted.

"This is one more addition to the growing list of ways in which the spammers have succeeded in outsmarting traditional detection devices."

MessageLabs intercepted spam emails in May which contained links to spam contained in documents hosted on the Google Docs environment.

Traditional spam filters do not block links to the Google Docs domain, and spammers are using this to their advantage and even tracking their success through Google Analytics.

Spammers are also using Microsoft's SkyDrive shared file hosting service. Spam generated using this technique accounted for one per cent of all unsolicited mail in May.

In addition to the variety of new spam techniques, MessageLabs also identified several new phishing exploits this month, including one which preyed on a bank's environmentally conscious customers.

Using the Srizbi botnet to launch the attacks, the phishers took advantage of a 'Go Green' campaign run by Central Bank in Missouri to lure recipients into sharing their bank details in order to register for electronic statements.

Also in May, MessageLabs found evidence of phishing attacks claiming to be from HSBC bank which purported to be a secure connection via HTTPS.

Closer inspection revealed that the attack was actually a standard HTTP link to a domain pretending to be the actual bank.

Copyright © 2008 vnunet.com

 
Ads by Google
Thoughts on this article? Add a comment below.
Be the first to comment on this article.

Report this comment as offensive:

   * Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.  
Name:
*
 
Email:
(will not be displayed)
*
 
Comment:
(HTML not permitted)
*
 
Validation
*

Enter the code you see below:

 

 
 
 
 
 
Tripwire - Click here to win an iTouch
 
 
 
Messaging Whitepapers
 
Popular Tags
blitz content effective exploit facebook flaw frame google hacking hosted mccain microsoft obama safe services spam spammers targets webmasters worm