Security news22 June 2009
Spammers direct users to MSN to spread their sleazy messages, Sophos reports Beware the flirtatious MSN chat - you could be talking to a robot
IT security and control firm has discovered an unusual spam campaign which tries to lure recipients to engage in a flirtatious MSN chat, before ultimately redirecting them to an adult website.
According to Sophos, this technique could be used more in the future as spammers attempt to avoid spam filters and trick unsuspecting users into revealing sensitive and financial information.
The unsolicited emails, discovered by SophosLabs researcher Dmitry Samosseiko, use a variety of email addresses and minor randomisation of content. A typical example reads:
msg me on MSN
my MSN name is [censored]@live.com ttys cutie :-*
Users who decide to take up this offer and chat with their mystery admirer over MSN, will be quickly asked to sign up to a website in order to see the supposed sender's webcam, are engaged in a scripted IM chat, pretending to be from a woman who has just started doing webcam shows from her home.
After some banter, the "woman" (who is in fact a computer program, pretending to be human) says that she has some free passes to view her on a webcam website. In reality, the website being linked to by the online seducer was registered anonymously in May 2009, and belongs to an affiliate of ClickCash.com, a network promoting adult websites. Sophos warns that when the website asks for user details and credit card information to guarantee the user is over 18 years old, the data could easily be used to commit identity theft.
"Talking to strangers can be dangerous on the net, but many people do it. So it's actually quite likely that this scam could be successful," said Graham Cluley, senior technology consultant at Sophos. "Engaging victims in playful and flirtatious chat like this is a sure fire way to hook people in and entice them to part with sensitive information. All computer users need to be wary of unsolicited emails, no matter whether or not they seem like harmless fun - if you don't know the person who sent you the message, it's possible that they're after your money and your identity."
Free virus scan
- Free virus, spyware, and adware scan
- Test your existing anti-virus protection
- Find threats your anti-virus missed
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.
