Wimbledon Can Make You Rich!

Wimbledon Can make You Rich‘ originally appeared on Symantec Connect.

Yes, of course. This is what the email is all about!

The 2011 Wimbledon Championship has begun in full gusto and like any other major sporting event, we started observing spam flowing in the wild targeting Wimbledon 2011 where spammers are sending online betting, casino and even online pharmacy spam through emails.

The Italian spam sample given below mimics a legitimate betting website(the name of the betting site ia deliberately ommitted). The email headers are spoofed in an effort to highlight the legitimacy of the email. The Sender domain is recently registered and shows hit and run spam characteristics. Spammer says, ‘bet risk free! Even if you lose the bet, 20 Euros will be reimbursed’.

The spam sample given below explains steps that users need to take to acquire the bonus:

1. Sign up and make a deposit into your account
2. Place your first bet
3. If your first bet is not successful you will be reimbursed up to 20 euros.

Spoofed headers are as shown below:

From: xxxx
Subject: Torna il grande tennis, con [removed] hai venti euro offerti per scommettere su chi vuoi

Translation:
Subject: The return of the great tennis tournament, come and bet on [removed] – 20 euto bets on the bets you want

Another spam sample promotes online pharmacy. The subject line for this attack is ‘British women win at Wimbledon’. Perhaps this is an effort to draw user’s attention to news related to Wimbledon.

Users have to be very careful when they do online financial transactions. Email legitimacy need to be checked before clicking on any link. One thing is for sure and that is No bet can make you rich especially if it has come through unsolicited sources.

Note: Thanks to Anand Muralidharan for contributed contents

June 30, 2011 | Filed Under Security | Leave a Comment 

Simon Ellson: Poisoned Search

Internet search is part of everyone’s lives – if we want to do some research, make a purchase, donate to charity, even apply for a job, the Internet is where we turn.

Cybercriminals are wise to this and use something we call search engine poisoning  to direct people to compromised or illegitimate websites that, in turn, will attempt to scam you or install malware.

Hackers and cybercriminals either create malicious websites which they optimise to appear high in search results, or compromise legitimate sites by inserting malware. Examples of this include the recent earthquake in Japan which saw criminals creating fake donation websites, and the recent sale of Olympics tickets. Cybercriminals are quick to jump on trending topics and breaking news – they are always looking for opportunities where they can gain financially.

This is something that the search engine operators, and we in the security community, are developing and deploying solutions for.

At Norton, we have created free software called Norton SafeWeb which marks up search engine results with a tick or cross, to help people avoid compromised or bad URLs. The best thing is that you don’t have to be a Norton customer to use it and it’s completely free. It warns you of unsafe search results, prompts you if a website has a potentially dangerous download on it and also alerts you of suspicious e-commerce activity.

June 23, 2011 | Filed Under Security | Leave a Comment 

Introducing: Simon Ellson

On It’s Not A Con we’re going to be introducing a couple of new contributors, the first of whom is Simon Ellson, our Director Consumer Sales, Northern EMEA.

A consumer security expert, Simon’s role is customer focused, managing Norton’s cross channel multi-level retail, ISP, online and OEM business model.

Simon’s specialty is identifying trends in Internet security and introducing consumers to ways of protecting themselves online.

With a considerable background in technology, Simon’s experience and knowledge will be a valuable addition to It’s Not A Con.

Outside of Internet security, Simon is a keen fan of rugby, squash, golf and motor racing.

Simon will be sharing his thoughts and insights twice a month.

You can also follow Simon on Twitter, @simonellson

June 2, 2011 | Filed Under Security | Leave a Comment