Experts at SophosLabs™, Sophos's global
network of virus, spyware and spam analysis centers, have warned
computer users to think before forwarding chain letters after
discovering a new scam being used by spammers to collect email
addresses.
A spammed email campaign, seen by Sophos, poses as a research
project into chain mail and joke messages that are frequently sent
between email users around the world. Chain letters and jokes can
easily be sent to a person's full contact list or an entire company
department, ending up with valid email addresses for everyone who
received the message in the body of the message.
The new spam campaign asks for chain letters to be forwarded to
the spammers (who are posing as a researcher called Gemma).
However, Sophos warns that rather than conducting a study of chain
letters, the recipients are actually planning to gather innocent
peoples' contact details for the purposes of spam and identity
theft.
Part of the spammed email reads as follows:
I would be very grateful if you would be kind enough to
forward absolutely anything and everything that remotely resembles
chain mail, forwards of any type (even the rude ones). This project
is based over the next year and I need at least 500,000 forwards
for this project to be a success, so please keep them coming the
more the better
The email asks for chain letters and joke
messages.
"Spammers need email addresses like a fish needs water. Without
details of 'live' email addresses they struggle to get their
unwanted marketing messages in front of their potential customers,"
said Graham
Cluley, senior technology consultant for Sophos. "Under the
pretence of 'research' spammers are trying to fool internet users
into passing on dozens of email addresses with every message they
forward. At best this could result in spam being sent to all of
your friends and colleagues, at worst they could be put at risk of
identity theft. Computer users should break the chain and not
respond to messages such as this one."
Sophos recommends that companies protect their email gateways
with a consolidated solution to defend
against viruses, spyware and spam, as well as secure their desktop
and servers with automatically updated protection.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.