Hit-and-Run spam attacks beating filters, infecting PCs
USA Today reports on the most recent fast and furious spam attack that used a threat of tax problems with the IRS to trick people into opening and infecting their computers. The quick blast and the fact that downloading the "IRS" let spammers send out even more messages left even more computers in the hands of spammers.
Richard D G Cox, CIO of The SpamHaus Project which is non-profit dedicated to fighting spam, told WalletPop that, "The IRS malware attack mentioned in the article was notable for its intensity and relatively short duration, but there have been thousands of similar if not quite so prolific attacks over the last few years. However, since most users are now familiar with IRS-based phishing attacks, recipients are already wary of responding in any way to messages claiming to be from the IRS."
While spammers do appear to be focusing their efforts more on controlled bursts of spam to beat filters rather than using botnets to send out the same phishing email for months on end, it isn't necessarily new. This chart of spam flow statistics from SpamHaus illustrates the amount of spam sent during the last month.
The Max spam detected was 5,000 emails per second which equates to 432 million emails per day!
How to protect yourself:
SpamHaus presents several specific steps you can take to protect yourself from spam and play a part in cutting down the amount of spam. For example; don't send "removes" back to spammers and don't sign up for "Global Remove Lists," both of which will simply result in more spam arriving in your inbox. They also provide a link to myNetWatchman, a tool that is designed to help "computer novices" determine if their computer is infected and being used to send spam.
In addition to these tips, you should make sure that you are running an-up-to-date antivirus program and using common sense. If you find that your personal email account is routinely the target of spam you may benefit from using a service like Gmail which provides a good spam filter and helps identify potentially dangerous attachments. Gmail also lets you open up word, excel and pdf files through an online service which puts an extra layer of protection between you and your computer.
The next time you get an email from the IRS, UPS or FedEx, ask yourself this question. Am I really expecting a package and how did they get my email address?