Shady spammers getting more creative with links
- Posted September 4th, 2008 at 10:56 pm by Ryan
- Categories: All-New Mail, Anti-Spam, Classic Mail, General, Security
It’s dawning on me that the shady emailers have no intention of dialing back their malicious messages, so I might just have to ramp up the amount of warnings I post here. Take that “Mr. Rasim Hassan of Burkina Faso”!!! By the way, no offense to any actual Rasim Hassans out there. It just so happens that the most recent “claim these millions” style message came from a Rasim Hassan.
While I’m hopeful that more and more users are aware that Yahoo! lotteries asking for your personal dossier, as well as wire transfer requests to receive unclaimed fortunes, are dangerous, it could be even more important that people recognize the dangers of deceptive links in messages.
You’ve often been warned about clicking links within unexpected emails. A common approach is to link you over to a spoofed login page to collect your password. In the beginning, scammers didn’t worry much about what the link looked like. Once people began looking more closely at the domain in the hyperlink, the scammers started creating links that looked like they pointed to one place, but when you put your mouse over them you would see that the link actually directed you elsewhere.
Now, the NY Times has reported that malicious spammers are finding new ways to make their links look more legitimate. The latest trend is….(drumroll)….free web services!
Jeremy Kirk, in a recent story from NYTimes.com, explains:
One of the services, a photo-hosting site called ImageShack, lets people upload different types of photo formats, including Flash files, said Paul Wood, a senior analyst with MessageLabs.
Flash files, which have the extension “.swf”, can be used for animated graphics and can also be used to automatically redirect people to other Web sites. That feature can be abused.
I recommend checking out the complete story when you have a chance. But also remember that whenever an email directs you to a site (typically where you have an account and would need to log in), you should instead visit the site via typical methods (bookmark, typing URL by hand, even a web search). If there is something significant going on with your account they will usually tell you when you log in. If you feel that you absolutely HAVE to click on the link in an email you should examine it closely before clicking on it!
