Tag Archives: CAPTCHA

Shortened URLs – One More Thing To Worry About

image I’ve always though that shortened URLs were one of the dumbest things to ever come down the Internet highway. Given the state of Internet security, who in their right mind would click on a link that looks like this – http://om.ly/2efrq, in an email (for example), as opposed to a link that looks like this – https://billmullins.wordpress.com/.

Anyone who clicks on a shortened URL, in my view, is surfing the Net with their eyes shut. I’m not suggesting that a legitimate looking link is any safer, but at least you should have some idea where it is you’re supposed to end up.

We shouldn’t be too surprised then, to see email spammers (who use every tactic available), take advantage of the obstrufication cause by shortened URLs. Shortened URLs are, in a real sense, hidden web addresses.

There’s little surprise then, that according to the July 2010 MessageLabs Intelligence Report, shortened URLs in spam, are fast becoming a sustained spamming tactic due to loop holes in CAPTCHA requirements for the tiny links, and free-of-charge URL shortening services.

Highlights from Symantec’s July 2010 MessageLabs Intelligence Report:

Spam: In July 2010, the global ratio of spam in email traffic from new and previously unknown bad sources was 88.9 percent (1 in 1.12 emails), a decrease of 0.4 percentage points since June.

Viruses: The global ratio of email-borne viruses in email traffic from new and previously unknown bad sources was one in 306.1 emails (0.327 percent) in July, a decrease of 0.04 percentage points since June. In July, 17.1 percent of email-borne malware contained links to malicious websites, an increase of .4 percentage points since June.

Endpoint Threats: Threats against endpoint devices such as laptops, PCs and servers may penetrate an organization in a number of ways, including drive-by attacks from compromised websites, Trojan horses and worms that spread by copying themselves to removable drives. Analysis of the most frequently blocked malware for the last month revealed that the Sality.AE virus was the most prevalent. Sality.AE spreads by infecting executable files and attempts to download potentially malicious files from the Internet.

Phishing: In July, phishing activity was 1 in 557.5 emails (0.179 percent) an increase of 0.02 percentage points since June. When judged as a proportion of all email-borne threats such as viruses and Trojans, the proportion of phishing emails had decreased by 3.2 percentage points to 60.2 percent of all email-borne malware and phishing threats combined.

Web security: Analysis of web security activity shows that 30.5 percent of malicious domains blocked were new in July, an increase of 0.2 percentage points since June. Additionally, 13.0% of all web-based malware blocked was new in July; an increase of 0.5 percentage points since last month. MessageLabs Intelligence also identified an average of 4,425 new websites per day harboring malware and other potentially unwanted programs such as spyware and adware, an increase of 176.9 percent since June.

The July 2010 MessageLabs Intelligence Report provides greater detail on all of the trends and figures noted above, as well as more detailed geographical and vertical trends. The full report is available at here.

About Message Labs Intelligence:

Symantec’s Message Labs Intelligence is a respected source of data and analysis for messaging security issues, trends and statistics. MessageLabs Intelligence provides a range of information on global security threats based on live data feeds from our control towers around the world scanning billions of messages each week.

About Symantec:

Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world.  Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available here.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

17 Comments

Filed under cybercrime, Don't Get Scammed, Don't Get Hacked, Email, email scams, internet scams, Internet Security Alerts, MessageLabs, Online Safety, Symantec, Windows Tips and Tools

Webmail Phishing Attacks – The True Cost

MessageLabs points out in this timely report, the true cost of webmail phishing attacks, and the impact such attacks can have on the victims of this cyber-criminal activity.

Courtesy of MessageLabs:

image In the wake of the news reports this week of the large-scale webmail phishing attacks, much of the coverage has surrounded the compromise of email accounts which, according to the numbers, affected a massive amount of webmail users.

However, what has been glossed over is the potential impact on the other aspects of the victims’ online lives. The bad guys likely now have more than just access to users’ email accounts, they have access to a host of other online services the victim uses.

“A user’s unique email address is often used to authenticate a number of web sites, including social networking sites and Instant Messaging on a public Instant Messaging (IM) network,” said Paul Wood, MessageLabs Intelligence Senior Analyst, Symantec. “If your email address has been compromised, not only should you change the password there, you should also change it on any other site that uses that email address as a log in ID.”

Once the bad guys have email account information and the will to take over a related social networking accounts, all they need to do is try the password reminder links from the login pages. They can then not only use your email to spam, they can also gain access to other personal information stored online.

Over the last year, MessageLabs Intelligence has tracked a number of phishing attacks using Instant Messaging whereby the bad guys collected real IM user account information and passwords and used them to send commercial messages to everyone on the user’s buddy list.

An invitation to view a funny video or embarrassing pictures by clicking on a link in an IM was the bait and the landing site would then ask the victim to log in with their IM user name and password. For public IM networks, the user name is often the same as the web-based email account.

Phishing isn’t the only way the bad guys can gain access to webmail accounts. MessageLabs Intelligence has been aware of an increase in the number of “brute-force” password breaking attempts, where dictionary attacks are used against online webmail accounts to break in, perhaps using POP3 or webmail to conduct the attacks.

Users with simple or weak passwords are the most vulnerable. On the website, an attacker will be asked to solve a CAPTCHA puzzle to prove they are a real person. CAPTCHAs can be easily bypassed using a variety of CAPTCHA-breaking tools.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

4 Comments

Filed under Don't Get Scammed, Don't Get Hacked, Email, email scams, Interconnectivity, internet scams, Malware Advisories, Malware Reports, MessageLabs, Online Safety, Windows Tips and Tools

Spammers Go Short – Cut Link Lengths

The presence of shortened URLs in spam has skyrocketed over the past few days and now appears in more than two percent of all spam, according to MessageLabs Intelligence.

With many social networking sites providing character restrictions on status updates and messages, the use of free URL redirection services which turn lengthy web addresses into shortened URLs, is increasing in popularity with spammers for a number of reasons.

According to Paul Wood, MessageLabs Intelligence Senior Analyst, Symantec – “There are literally dozens of websites that offer URL shortening services and spammers have realized that using these services eliminates the need to solve a CAPTCHA or register an account.”

“The newly shortened URLs also help cybercriminals disguise the true destination of where their victims will click through to, posing further risks of entering websites used to conduct drive-by malware attacks as well as spam. Donbot, the botnet responsible for sending approximately five billion spam messages every day, is one of the main culprits using this technique. Links of any size all need to be treated with caution.” Since you are a cautious Internet user, you know that, right?

image

For more information on email security, checkout MessageLabs Solutions.

1 Comment

Filed under bots, Don't Get Hacked, Email, email scams, Interconnectivity, Internet Security Alerts, Malware Advisories, Online Safety, Windows Tips and Tools