"This is a simple but clever form of social engineering. It is personalized by taking the name component of your e-mail address and inserting it into the spam subject line. It is not a new trick by spammers, but it is proven to get your attention," said Bradley Anstis, Vice President of Products at Marshal. "In addition, the message seeks to embarrass you by claiming to have video footage of you naked. The spammers are clearly hoping to shock unsuspecting recipients into investigating this compromising footage. In their haste to look into the claim, some people might not consider the link in the message leads to Malware ," explained Anstis.
According to Marshal, the Srizbi botnet is responsible for sending out the new spam. Marshal identifies the Srizbi botnet as the largest spam-sending botnet currently on the Internet, responsible for 45 percent of all spam caught by Marshal's TRACE Team. Other researchers have identified Srizbi as the world's largest current botnet, comprising 315,000 bots and responsible for an estimated 60 billion spam messages per day.
"We consider Srizbi the biggest current spam threat. In December last year, we attributed 20 percent of the spam we caught to Srizbi and now it is more than double that. It is also more than double the next biggest botnet in terms of its spam volume. We have observed individual Srizbi bots sending as much as 8,000 spam messages per hour," said Anstis. "The Storm botnet still garners the lion's share of the media's attention and it was certainly a major pioneer in botnet development, but today it is responsible for just 1 percent spam. The biggest lesson that Storm taught spammers was the power of simple social engineering as a means of infecting computers and propagating your botnet. The simplest tricks are the best and this new one certainly fits the criteria."
