Topic:

SPAM LOVELY SPAM

SPAM LOVELY SPAM

Some U.S. Government Websites Vulnerable to Spammy Redirects

Not government sanctioned.

Many Americans may instinctively believe there’s little risk in visiting any site that ends with .gov. It’s the government–their sites are secure, right? Apparently not.

Sophos’s NakedSecurity blog reports that spammers have discovered many U.S. sites are vulnerable to a simple exploit that sends the unwary to fake “work-at-home” websites.

The culprit is sloppy coding, which permits something called an open redirect. NakedSecurity demonstrated the ease with which a spammer can construct an open redirect: Read More

SPAM LOVELY SPAM

Spammers Now Phishing via Google Docs

Not government sanctioned.

In a new SecureList blog post, Kaspersky Lab researcher Vicente Diaz has described a new frontier in a relatively old online scam. Phishers, tired of building fake websites to lure victims into unintentionally giving away email addresses, passwords or even financial information are beginning to use Google Docs to siphon data from the unwary. Read More

SPAM LOVELY SPAM

Spammers Are Why the U.K. Can’t Have Nice Things

Spam. (Photo: flickr.com/arndog)

You’d think once you cleared the political hurdles, open government would be pretty simple: Create a nice portal and upload the stats. Done and done. Well, in the interest of keeping the lines of communication with constituents open, the U.K.’s data.gov included a series of forums where anyone could submit suggestions or comments. And of course, those good efforts were rewarded with, as the BBC reports, a flood of spam advertising faux luxury goods.

A quick perusal of the forums reveals subject lines like “If this were a fairy cheap nfl jerseys” and “The cabin offers ergo baby,” and the body of each post is randomly sprinkled with links to the spammers’ offerings. Project head Antonio Acuña took to the site’s blog to explain that while they do use reCAPTCHA, the program only stops spam generated by software and, somewhat ominously, they suspect that “human intervention is also at play.”

Administrators have closed the comments while they figure out what do to. They’d probably rather be dealing with spammers than Debbie Downer comments like this, though: “I can only describe it as ‘Yes Minister.’ data. Harmless. Unlikely to generate controversy. Unless access is given to the raw data, this quest for knowledge is doomed.” Ouch, Peter.