Tuesday, July 31, 2007

The Simpson's Movie sparks spam blast

Homer in his underwear isn’t as innocent as he appears

By Cara Garretson, NetworkWorld.com, 07/30/07

Spammers are jumping on the success of The Simpsons Movie to trick e-mail users into validating their addresses, so they can then send them more spam.

Since the launch of the movie on July 27 spammers have been sending messages with an embedded picture of Homer Simpson in his underwear. The text asks if the recipient plans to see the new movie and to fill out a related survey by following an embedded link. If the recipient clicks on the link, the Web site records the e-mail address – now knowing that there is a valid user – and sends the address more spam.

The spam message also promises to award a prize to those who fill out the survey, according to antispam vendor SpamFighter, which `caught The Simpsons Movie spam in its filters.

While this new spam blast uses a hot pop-culture topic to entice recipients, the purpose of the spam is a throwback to the early days of e-mail abuse. Unlike phishing scams of late that try to extract personal or financial information from users or e-mails with hidden malware that installs bot nets on unsuspecting PCs, the Simpsons’ scam does nothing more than validate the legitimacy of the address, and then spam some more.

Another recent abuse that used the release of a Harry Potter novel and film to entice recipients was also comparatively benign; the W32/Hairy-A worm infected PCs and displayed a file that said “Harry Potter is dead,” among other messages, but didn’t download malware or attempt to extract information from the user

No comments: