Google Says Spam, Virus Attacks to Get More Clever

← Back to Stories (view on slashdot.org)

Google Says Spam, Virus Attacks to Get More Clever

Posted by CmdrTaco on Monday March 10, 2008 @04:39AM from the also-good-feels-good dept.

eweekhickins writes "Google's Postini team says new attacks will take the form of sneaky viruses that will blend with spam, leveraging specific current events, such as the Super Bowl or the Summer Olympic Games. Better yet, virus attacks will target executives at companies whose intellectual property is deemed valuable on the black market. A lot of these attacks will masquerade as legitimate business agencies, such as the Internal Revenue Service, the Better Business Bureau and the SEC."

6 of 108 comments (clear)

Min score:

Reason:

Sort:

SSDD by SnoopJeDi · 2008-03-10 04:46 · Score: 3, Interesting

These attacks will masquerade as legitimate business agencies

The bastards!! I'd better warn my associates in South Africa.

Seriously, TFA comes off as a padded version of "uhm, so...they're probably going to keep finding new ways to do this...since that's what they already do". The report itself looks to hold a little more substance, but then, I guess it's hard to make news out of spam that doesn't involve a big shift in the court, because it's pretty boring by definition.
ASCII art by Nimey · 2008-03-10 04:51 · Score: 4, Interesting

I've been getting a few spams lately that are ASCII art advertising for "viagra". Fairly clever way of getting past the filters, anyway.

--
Hail Eris, full of mischief...

E pluribus sanguinem
Time for PGP/SMIME to go mainstream? by mlts · 2008-03-10 05:18 · Score: 3, Interesting

Decent cryptographic technologies have been with us for a while. I wonder about someone like Verisign making an EV-like system for E-mail certificates, where people/companies/organizations can apply, and after a thorough vetting, get a certificate (preferably on a hardware cryptographic token) that that person is whom they claim to be. Of course, E-mail clients like Thunderbird, mail.app, and Outlook would have to be updated to show that a mail is authentic.

This would help against spam similar to how anti-phishing technologies in IE and Firefox protect against bad websites, but its still not perfect.

S/MIME and PGP are strong technologies to help against fraud. I just wish more companies would send out mail with it. For example, one could register a PGP public key with a shop, and when the shop would send E-mail, it would send it signed, and encrypted to that key. Even just using S/MIME's signing capability which works with virtually any E-mail client [1] would help matters greatly.

[1]: Even pine and mutt support S/MIME. A lot of cellphones support this functionality as well, such as all recent Windows Mobile devices and Blackberries.
phishing attacks against irs.gov by swm · 2008-03-10 05:45 · Score: 3, Interesting

I've already seen two of these.
One was an ordinary phishing attack.
The other gave a URL in a valid subdomain of irs.gov
So either
- the attack was broken (certainly possible)
- the attack was relying on DNS cache poisoning or compromised servers
Like the numbers stations by GlobalEcho · 2008-03-10 05:47 · Score: 3, Interesting

I've sometimes wondered how much (if any) spam is actually just a numbers station.
What happened to "Bayesian Filters"... by Joce640k · 2008-03-10 08:14 · Score: 3, Interesting

Whenever I mentioned spam a few years ago all the geeks would tell me that Bayesian Filters would totally solve the problem.

What happened?

--
No sig today...