Deprecated: Function create_function() is deprecated in /home/hidefide/public_html/blog/wp-content/plugins/wr-pagebuilder/core/core.php on line 127
{"id":613,"date":"2016-07-28T16:29:06","date_gmt":"2016-07-28T16:29:06","guid":{"rendered":"https:\/\/icaruspressblog.wordpress.com\/?p=613"},"modified":"2019-04-17T11:25:13","modified_gmt":"2019-04-17T11:25:13","slug":"belarus-new-spam-champ-summer-spam-scams-take-off-cloudmark","status":"publish","type":"post","link":"https:\/\/hidefideas.com\/blog\/2016\/07\/28\/belarus-new-spam-champ-summer-spam-scams-take-off-cloudmark\/","title":{"rendered":"Belarus New Spam Champ, Summer Spam Scams Take Off: Cloudmark"},"content":{"rendered":"

\"trophy4\"Summer is in full swing here in the northern hemisphere, and that means cold drinks, hot sun, barbecues, and depending on your proclivity for dangerous aesthetics, sunbathing. But it also means that the spammers, those mavens of all things ridiculous and moronic, are in full swing, hitting your email addies with arguably ingenious campaigns designed to make you lower your guard and open up your wallet.<\/p>\n

Not ones to miss an opportunity, the spammers and scam artists haven\u2019t missed a beat, according to security firm Cloudmark<\/a>, which recently released its Global Messaging Threat Report for the second quarter of 2013. The report hones in on some of the more prominent campaigns that spammers are using to get our attention, and not surprisingly, summer themes are in full swing. Cruises and dieting top the list, and at their peak during the quarter constituted more than 20% of all the SMS spam messages being delivered to mobile devices. While the numbers reported were for SMS, it\u2019s reasonable to infer that email spam followed the same trends.<\/p>\n

Non-summer themes were represented by the usual cadre, with the ever-dangerous bank phishing attack coming in at just over 20%, and adult-themed spam a close second at just under 20%. Most notable, however, was that gift card spam virtually dropped off the map, and Cloudmark notes that the FTC\u2019s action in March<\/a> to target gift card spammers is the likely reason.<\/p>\n

Diet and hacked domains<\/strong><\/h2>\n

Those getting ready for that speedo or string bikini are a prime target for spammers. June saw a massive spike in diet schemes using hacked domains, Cloudmark\u2019s research uncovered. Drawing from a large number of compromised domains allowed spammers to keep the emails fresh and thus avoid detection. Cloudmark also noticed that phishing attacks rose sharply in the second half of the quarter, but a new twist was the way phishers \u201cdiversified their attacks with efforts to steal email, mobile, and social media accounts,\u201d which could then be used to steal sensitive personal information.<\/p>\n

Web hosting a target<\/strong><\/h2>\n

Interestingly, Cloudmark also saw a dramatic increase in the number of compromised Web hosting accounts, and the firm noted that 60% of those domains were still under the control of the spammers a month after being compromised. \u201cThe same accounts are being used by different spammers, so we believe that one or more criminals is specializing in compromising these accounts, and is renting them out as a service to a collection of miscreants.\u201d Cloudmark notes that these hosting sites are a choice target due in no small part to the \u201coutdated software with known vulnerabilities that are trivial to exploit.\u201d<\/p>\n

Cloudmark uncovers the technology behind these attacks, and it\u2019s surprisingly easy. \u201cSpammers do not need root access to the account in order to take advantage of it. All they need is a PHP shell, and they exploit a number of different vulnerabilities in order to obtain this access. By far the most common technique at the moment, accounting for 60% of all compromised accounts, is an SQL injection attack in Joomla 1.5, which allows a reset of the admin password. This bug was patched in 2008, but many web sites have not updated their Joomla version since then.\u201d<\/p>\n

My country \u2018tis of spam<\/strong><\/h2>\n

Perhaps the most interesting facet of Cloudmark\u2019s report is IP blocking that Cloudmark recorded during the second quarter. Unsurprisingly, Romania and the United States remain at the top of the heap in terms of volume, with both nations hovering around three million blocked IPs during the period. But what was remarkable was the growth of blocked addresses coming out of Belarus. Although the country\u2019s overall number is relatively low, its percentage of blocked IP addresses has shot up to more than a quarter of its total IP address space, at 27.4%. This is in contrast to January of this year, when approximately five percent of the Belarus address space was being blocked.<\/p>\n

Speaking to PC Magazine<\/a>, Cloudmark researcher Andrew Conway pointed out that because Cloudmark was \u201cblocking so much of Romania that spammers started moving to Belarus and Russia,\u201d and that \u201cspammers will follow the path of least resistance.\u201d Cloudmark did notice a revers in the trend near the end of the quarter, with Romania\u2019s numbers increasing, while Belarus and Russia declined slightly. \u201cIt is possible that hosting companies in Russia and Belarus realized spammers were exploiting them and tightened up their security, forcing the spammers back to less selective hosting companies in Romania.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"

Summer is in full swing here in the northern hemisphere, and that means cold drinks, hot sun, barbecues, and depending on your proclivity for dangerous… <\/p>\n","protected":false},"author":3,"featured_media":618,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13,14],"tags":[11,9,10,8,7],"class_list":["post-613","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","category-spam","tag-allspammedup","tag-bot","tag-botnet","tag-malware","tag-spam","jsn-master"],"_links":{"self":[{"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/posts\/613","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/comments?post=613"}],"version-history":[{"count":2,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/posts\/613\/revisions"}],"predecessor-version":[{"id":1743,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/posts\/613\/revisions\/1743"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/media\/618"}],"wp:attachment":[{"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/media?parent=613"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/categories?post=613"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/tags?post=613"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}