NEW PHISHING THREAT:
Posting About You
Several months ago we reported on a suspicious new spam/phishing scheme we discovered. Research is continuing on this suspected scam, now dubbed the "About You" scheme, and sufficient data has been gathered to suggest that computer users should be wary of this new threat. AACUG volunteer spam trackers chased a number of these posts, all of which claim: "Someone who knows you is attempting to share experiences and opinions about you via our website." The email is very compelling, encouraging you to go to the site to discover who has inquired there about you. Of course when arriving, you must sign in before you can read the info. Of the sites tested, most of the links, including the "about" and "privacy" links produce data errors, server not found errors or simply do nothing at all.
The variations tested include passages like or similar to this:
"The purpose of this email is to inform you that a posting has been made about you at our website. This is email is not commercial in nature."
Of course, then they attempt to get you to add them to your whitelist, or skirt around spam filters:
"If this email message was delivered to your spam or bulk email folder please notify your ISP or spam filtering company regarding this mistake on their part."
All of the spams tested came to different seeded email addresses with the exact same message, and the email address embedded in the return link. Some of the receiving addresses do not have human counterparts, indicating dictionary spamming techniques in use. Additionally, according to SpamCop.net, and the UXN Spam Tracker, the messages employ link obfuscation, a typical spam technique to mask human-readable domains and confuse or divert spam filters.
- Clicking on links in these emails will automatically validate your email address. While all the spams were from different senders, branded with different names, the actual collector domain was the same.
- If your spam filter allows blocking domains found IN the message, set it to BLOCK: http://8.shyx.us/.
- To see if you've received any of these, you can search your spam storage.
Some of the 'hosting' domains are:
- find-information.biz
- APlusHosting.com
- ShareExperience.us
although we cannot confirm if these IP owners are directly involved in the offending web site. We'll keep you posted.
WARNING for all email users:
As filtering becomes more 'intelligent' and adaptive, the criminal element is developing more convincing ways of getting you to opt in, or accept their messages. For a detailed white paper on how Spammers are using increasingly sophisticated means to get their messages past adaptive spam filters, download this PDF file from Sophos.com
Return to &Else News & Views. . .
.
Photoshop FAQ
Got a question? Get an answer:In the Photoshop 911 FAQ if you don't find the answer there, you can ask your question or send your problem to the Photoshop 911 Team
Participate in your Design Center
Lots of fun and information for all... don't forget, any community is only as good as the participation of its members. We invite your tips, tricks, comments, suggestions and camaraderie.- Ask for the DT&G Monthly: to receive DT&G newsletter each month, happenings in the Design Center and regular columns like the "Mail Bag" and "Cool Sites"
- SUBSCRIBE : to the Designers' CAFE email list
- Link to this site, and then show us the link. We'll send you any of our current door prizes, just for your trouble.
- SUBSCRIBE: to the Web Design & Review email list
- READ Our Writer's Guidelines: before sending articles
- SUBMIT: a news link, new font, or product review
- SUBMIT: a link to a Photoshop web site
- Trademarks & Legal
