emailscam
Latest
AI’s latest application: wasting email scammers’ time
Schadenfreude is one of life's simplest pleasures -- especially when the victim in question is an email scammer. That's the service Netsafe's Re:scam provides. Simply forward your Nigerian prince emails to the service and it'll use machine learning to generate conversations to waste the nefarious Nancy's time. The idea is that any time jerks spend engaging with the bots is time that can't be used to target hapless victims. People have passed some 6,000 emails Re:scam's way this week alone, and apparently there were 1,000 concurrent conversations at one point. So far the longest email chain has involved 20 exchanges, according to The Guardian.
Google and Facebook named as victims in $100 million scam
The tech companies that fell victim to a $100 million email scam reported in March are no inexperienced newbies fresh off their first funding round. According to Fortune, they're none other than Google and Facebook. When the incident was first exposed, feds revealed that they arrested a Lithuanian man named Evaldas Rimasauskas for perpetrating the phishing scheme. However, they chose to keep the companies' identities a secret. It became pretty easy to find the victims once Taiwanese parts supplier Quanta Computer admitted that the scammer used its company's name.
Nigerian email scammer stung by his own malware
With more and more internet users now wise to email scams, scammers are utilizing increasingly advanced techniques to stay one step ahead of their targets. A pair of researchers recently stumbled on a new a "wire-wire" technique that earned a 30-strong group of Nigerian scammers as much as $3 million a year, at least until one prominent member accidentally infected himself with his own malware. IEEE Spectrum reports that SecureWorks security experts Joe Stewart and James Bettke were alerted to this new kind of attack in February after they stumbled upon a keylogger that was sending unsecured data to an open web server. They watched for months as the ring collected keystrokes and screenshots of important documents from unsuspecting users. But because the malware was running on the scammers' computers too, it also gave them an important insight into who was behind the thefts, the tools that were used, the names of the affected businesses and the sums of money being transferred to third-party accounts.
Don't get hooked by this Apple Store phishing campaign
Apple fans beware! A new email phishing campaign dangling a bogus US$200 Apple Store gift card as bait to snag unsuspecting victims is making the rounds, according to security firm Webroot. The email that arrives (see image above) looks strikingly similar to those that are sent by Apple, using the Apple logo and similar type styles. As usual with phishing campaigns, this deal sounds too good to be true -- all you need to do is click a download link or open an attached file, and voila! A $200 gift card is yours! Well, not really -- instead, performing either task installs Java-based malware that can pull personal data from your computer. That data could be enough to make you the victim of identity theft if you fall for this deadly hook. Apple never just randomly sends out gift cards. In cases where the company has provided gift cards to customers, they're in much smaller amounts and done for some specific reason -- like a rebate on a previous purchase. Apple also never displays a link to an external site or requires the download of an attachment. Another tell -- Apple never refers to customers as "clients." So, if you get an email in the next couple of months telling you about a $200 Apple Store gift card that you've magically received, dump it immediately. Do not click the link, and most assuredly do not look at the attachment. Be sure to pass this warning along to your less tech-savvy friends who might not read TUAW. [via MacNN]
