SPAM

The term "SPAM" is used to refer to e-mails that are junk — sometimes just pointless and annoying, sometimes malicious. Often SPAM is a vehicle for a "Phishing" attack, i.e. an attempt to get you to give away information or to trick you into clicking on something for the purposes of installing malware or carrying out a cross-site scripting attack. Often SPAM is pretty easy to pick out. Suffice it to say that any e-mail that asks for money, asks for passwords or account numbers, or tries to entice you into clicking on links should be treated with suspicion!

The laziest spammer ever


mouse-over to enlarge
"This is quite possibly the worst spam I've ever received. There's really no trickery at all ... the attacker just brazenly asks for the username and password with a lame attempt to tie it to my e-mail account. What really takes the cake, though, is that they didn't bother to hide their e-mail address (jlnorris@tie.cl) which, quite clearly, is not from USNA. This attacker ought to be ashamed of themselves." — Dr. Brown

 


A better effort: playing on my fear of being overcharged


click to view
"This is an interesting spam/phish because the e-mail (which is HTML encoded) looks legitimate, and plays on my fear of being overcharged. First of all, I never ordered an e-book version (or any other version!) of "The Hunger Games" ... honestly! But if I wanted to, I'm pretty sure $89.99 would be way too much. (Maybe it was a first edition? ;-) So anyone looking at this is clearly going to want to contact amazon and say "it wasn't me!".

What you really need to look at with this one, however, is where the links are sending you. Hover over (but don't click!) the links in the e-mail and take a look at the crazy domain names you'd get sent to. If an e-mail notifies you of a problem with an account. Don't access the account by following links in the e-mail. Either call or type in the URL you usually use. Certainly don't follow crazy links like these! " — Dr. Brown

 


More obvious spam


mouse-over to enlarge
" Here is a pretty typical spam. First of all, I don't have an e-mail account at ntc.edu ... in fact, I've never heard of it. Also, although you can't tell this from the image, if you hover over the CLICKHERE link (which, by the way is badly formatting and trying way too hard to get me to click), you see that the link is trying to take me to https://docs.google.com/spreadsheet/viewform?formkey=dElRSW96VlJ1d0pQeFNGRDhmUTl0ZXc6MQ instead taking me to some ntc.edu page connected with the ntc.edu mail server. " — Dr. Brown


Old School Phishing


mouse-over to enlarge
" This is an example of old school phishing. 15 years ago it was someone with access to an account setup by some deposed Nigerian leader. Now, apparently, it's the wife of the former Libyan leader Moammar Gaddafi. Either way, I don't think anyone really want my help in moving money ... except out of my wallet and into theirs! " — Dr. Brown