Business Daily from THE HINDU group of publications
Monday, May 12, 2008
ePaper | Mobile/PDA Version | Audio
Business Daily from THE HINDU group of publications Monday, May 12, 2008 ePaper | Mobile/PDA Version | Audio |
|
|
|
|
|
|
|
eWorld
-
Interview Info-Tech - Security Web Extras - Viruses Spam watch
Prabhat Kumar Singh Security provider Symantec says it has observed a dramatic resurgence of spam in 2007, peaking at 72 per cent of all e-mail traffic. Since 2006, spam levels have climbed from 56 per cent of all e-mail to an all-time high of 72 per cent as per a recently published Symantec report. Prabhat Kumar Singh, Director, Security Response, Symantec India, believes that the “innovation in attack methods” is at an all-time high. He updates eWorld on what working in the security business means. How are blogs impacting the rate of spam? One of the reasons why spamming is easier with blogs is that they are free and in case a blog is blocked, they can anytime move to another free blog. Promoting products from a public, personal blog is one of the most cost-effective spamming techniques a spammer can use. Traditionally spammers hosted their wares on their own domains that they pay for but with the abundance of free blog sites they can host their wares for free. Each sample contains a brief description of the product and a URL link to the blog where you can see more details and purchase the product. The purchasing method is up to the promoter. From what Symantec has observed it seems that this new technique is being heavily tried out in the Chinese spammer circles to evaluate its effectiveness. Your report says “Spammers tried a new twist on an old scam, falsely promising past spam victims restitution of $100,000.” A scam contains request for some assistance for fund transfer or winning a lottery ticket. In this case, the scammer fakes a compensation offer to all those who are victims of such scams and have lost their money. The scammer says that he has been delegated by the United Nations to Central Bank to pay 150 scam victims $1,00,000 as compensation and that the mail recipient was named by one of the syndicates who were recently arrested. The scam states that payments will be supervised by UN officials. Scammers use organisation names such as The Economic and Financial Crimes Commission (EFCC) and United Nation Anti-crime commission to establish credibility. Finally, the scammer requests the user to respond with his preferred mode of payment (draft/cheque payments or wire transfers) to the “official” e-mail-ID which, of course, is the e-mail ID of the scammer.
Spammers changed their techniques for the holidays by inserting seasonal-oriented keywords into URLs, subject lines, and embedded images within their messages. The objective here was to implant the holiday spirit into the readers’ minds and provide blatant gift-giving ideas. The hot items Symantec observed were gift cards, electronics, replica products, and cheap drugs. Symantec observed an estimated 93 million spam messages focused on the holiday season. What’s the spam situation like in India? India had joined the spam bandwagon long ago but has made news only recently. In 2006, when the ‘Kamasutra Virus’ and ‘I Love you virus’ broke out, it made headlines. Spam is no longer restricted to one’s computer or inbox but has gone beyond. Google searches, MP3 and Wikis are the new victims. The latest landmines are phony search string links in the message field, appearing to be Google searches, but which, when clicked, take users to a fraud site. Attackers are trying to get to the top of Google pages, especially during festive seasons (Diwali, Christmas, New year) and special occasions (Valentines day, Friendship Day, Women’s Day). URLs have become a new wave. With the resurgence in Image spam, spammers are targeting people with URLs. A message is sent to a user having a URL in it. When the user clicks the URL he/she is directed to a fraudulent site. This has resulted in reduction in size of mail. Spammers are moving away from large size, pipeline clogging mails with image spam. But this does not mean that spam has become less dangerous. On Internet security as a career option. In the Internet security business, every day is a new day and every thing that we come across is a new learning. This is a niche field and aspirants need to have a thorough understanding of computer system architecture and network protocols.
They should also be able to critically analyse system design and easily identify flaws. A need to adapt to methodically breaking stuff is important. There are many developers who have written great programs that impact our daily lives. But how many of them actually spend their time disassembling binary program executables to decompile them with the view to understand the malware programme’s behaviour? Remember, malware writers usually never publish the source code for their creations. Reverse engineering in security is a challenging art and tough feat to master, but once mastered, it places the researcher in a different league altogether.More Stories on : Interview | Security | Viruses
Article E-Mail :: Comment :: Syndication :: Printer Friendly Page
|
Stories in this Section |
 |
|
The Hindu Group: Home | About Us | Copyright | Archives | Contacts | Subscription Group Sites: The Hindu | The Hindu ePaper | Business Line | Business Line ePaper | Sportstar | Frontline | The Hindu eBooks | The Hindu Images | Home |
Copyright © 2008, The
Hindu Business Line. Republication or redissemination of the contents of
this screen are expressly prohibited without the written consent of
The Hindu Business Line
|