Government Technology

New Mix of Spam Techniques Uses "Read Receipts" and "Unsubscribe" Links


You May Also Like

October 7, 2008 By

Researchers from BitDefender have detected a new wave of spam messages that use a mix of "read receipts" and "unsubscribe" links to trick users into verifying the targeted e-mail addresses are valid and active. The spam campaign advertises medication for sex life improvement, such as male enhancement drugs, and when the user clicks the "unsubscribe" or "opt-out" link, it verifies for the spammer the e-mail address is valid and active, allowing the user to receive additional spam. The "read receipt" is used in a similar fashion. Under normal circumstances a "read receipt" confirms the user had received and read the message. When a spammer adds a "read receipt" to a message and the user clicks on it, it simply proves the e-mail address is legitimate and active.

To keep a system spam-free, users should adhere to the following guidelines:

  • Install, activate and update a reliable anti-malware, anti-spam and anti-phishing security solution.
  • Do not enable automatic read receipt expedition.
  • Always delete the spam messages; if you accidentally open them, display the attached images or click links within their corpus you simply indicate your e-mail account is active and available to receive more spam or you may accidentally trigger and install other malware.
  • Do not open e-mails and e-mail attachments from senders you do not know.
  • Do not open e-mails with odd entries in the Subject line.
  • Do not click any links indicated in the spam e-mails, including the "unsubscribe" link; you might trigger other malware and compromise your system's security.
  • Do not unsubscribe, opt-out or reply to any spam message; you will confirm your e-mail address is active and available for receiving even more unwanted messages.
  • When browsing the Internet, do not submit your e-mail address and personal information when requested by suspicious web pages.
  • When purchasing goods and services online, refrain from signing-up for any additional service or promotion, as well as other online subscriptions, advertised on the seller's website.
  • Use at least two e-mail addresses. Create one e-mail account and use it for your correspondence with people you know and a second e-mail account for the websites forms requiring an e-mail address to allow content access.
  • Avoid placing your e-mail address on websites, guest books, newsgroups, contact lists, shopping or gift lists.

"Users should be aware that without the appropriate security solution, the integrity of their systems is at an extremely high risk," said Vlad Valceanu, head of BitDefender's anti-spam research. "This new 'read receipt' and 'unsubscribe' spam campaign is causing a high rate of infections and proving once again the cyber-criminals' ingenuity and the increased sophistication of spamming methods."

-cmm


You may use or reference this story with attribution and a link to
http://www.govtech.com/security/New-Mix-of-Spam.html


| More

Comments

Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

GovTech Papers and Case Studies View Library


Government Best Practices


Collaboration for the Public Sector


Collaborative Justice: Transforming Criminal Justice Services Through Unified Collaboration
This issue brief examines video collaboration in every stage of the human justice process, demonstrating how this technology can not only make services more efficient, affordable, and accessible.

Cloud-Based Services Accelerate Public Sector Adoption of Video Collaboration
Today, thanks to new cloud technologies and high-quality networks, mobile video services - which provide not only cost savings but which help governmental interactions become more efficient - are more feasible than ever before.

Modernization as a Service: Acquiring IT through Innovative Procurement

Five Ways Collaboration is Driving Government Performance

Mobile Video Collaboration: The New Business Reality
 

Government Technology
Public CIO
Emergency Management
Digital Communities