Spam Dropped Last Week. Are You A Victim?

You may or may not have heard the news last week, but spam traffic dropped by 50 to 70 percent last week after two Internet Service Providers (ISPs) cut off Internet access for hosting company McColo in California last week.

If you’re not familiar with these terms, a hosting company provides computer service and equipment for other companies and individuals. A hosting company typically offers storage service for email and web sites. An ISP provides companies and individuals with access to the Internet.

In last week’s case, McColo, a hosting company with locations in Delaware and California, was providing hosting services to several companies and individuals who used the McColo’s computers to distribute viruses and spyware via spam and harmful web sites. Many of the sites and messages dealt in pharmaceutical drug sales and child pornography. These companies were paying McColo for the use of their computers, and despite the illegal activity McColo ignored it.

McColo’s host computer center in San Jose, CA was connected to the Internet via several Internet Service Providers.  Two of the providers took it upon themselves to deprive McColo of Internet access and shutdown the Internet connection. Within seconds the level of spam traffic worldwide dropped by 50% to 75% according to several spam watchdog services such as Spamhaus.

Consumer Risks: “XP AntiVirus Protection” and “AntiVirus 2009″

If you downloaded either of these two programs then you can probably count yourself among the victims of this incident. “XP AntiVirus Protection” and “AntiVirus 2009″ were fraudulent programs distributed by several companies and individuals who were provided hosting services by McColo.

AntiVirus 2009

XP AntiVirus

Help Yourself, Help Your Computer

If you downloaded either of these programs you should remove them immediately. To do so:

1. Click Start > Conrol Panel
2. Click or double-click “Add/Remove Programs”
3. Locate and click each of these programs on the list and click “Remove”

After removing these programs, go to http://pack.google.com and download, install, and run “PC Tools Spyware Doctor” and “Norton Security Scan” to remove any traces of these programs and the harmful software they may have added to your computer. Users of Lavasoft’s Ad-Aware 2008 software may want to run an additional scan of their system for through cleaning. You may need to scan your system three times to fully clean out these programs.

Click here for more news

Post Comments or Questions with the link below. Keep up-to-date with Skylarking: By Email or RSS Newsfeed or on Twitter. You can also send questions with my email form.

Subscribe to the comments for this post

ID Theft: It’s in the family

A lot of time has been spent in this blog discussing spam and false or misleading identities associated with spam, but I have yet to tackle the subject of identity theft until today. It came to a few days ago while reading the morning news.

Did you know that 47% of all identity theft cases are traced to family members, relatives, friends, and neighbors? Similarly, 36% of all Identity theft victims know the person who misused their information?

It’s my opinion that most people think that most identity theft occurs online then anywhere else, but a study in 2006 reveled that 90% of all identity theft takes place offline. The primary sources of theft are through lost or stolen wallets, checkbooks, and credit cards. Garbage cans and refuse are decreasing as sources of theft as nearly 70% of all consumers shred their documents before throwing them out, so the trash is now responsible for less than 1% of identity theft sources.

ID Theft Trends by Age Group

• The 65+ age group has the smallest number of victims (2.3%)
• The 35-44 demographic age group has the highest average fraud amount ($9,435). No connection was found between the age group and Internet usage. Most fraud cases arose from offline areas such as lost cards, checkbooks, wallets, and carelessness in leaving personal information in an accessible area.

Four Misperceptions Surrounding Identity Fraud

Misperception #1: “Consumers are helpless to protect themselves”

• In 63% of fraud cases, the point of compromise was either theft by close associates of the consumer (friends, family, neighbors, etc.), lost or stolen wallets, cards and checkbooks, breached home computers or stolen mail or trash.
• Consumers detect almost half (47%) of identity fraud cases. Self-detection is faster (averages 67 days vs. 101 days), results in smaller average fraud amounts ($4,431 vs. $8,466) and smaller consumer costs ($347 vs. $538).
• A key way to detect fraudulent accounts is through credit monitoring / reports. Eleven percent of fraud cases were caught via this means.

Misperception #2: “Consumers bear the brunt of the financial losses from identity fraud”

• Average out-of-pocket cost for identity fraud victims is $422.

Misperception #3: “Internet use increases the risks of identity fraud”

• Less than 10% of identity theft cases occured online.
• Internet use can lead to lower damages from identity fraud.
• Electronic account monitoring is the fastest way to detect fraud and leads to lower losses - (22 days and $3,806).

Misperception #4: ” Seniors are most frequent targets of fraud operators”

• Generation X (ages 25-34) has the highest rate of identity fraud at 5.4 percent. The average fraud amount for this demographic is $6,270 as compared to the average fraud amount for the 65+ segment which is $2,665.

Identity Safety Tips That Can Protect Consumers

from the Better Business Bureau

PREVENT access to your personal information

• Do not release Social Security or account numbers in response to e-mail, phone or in-person requests. When responding to e-mail, ignore any Internet links provided and type the full address instead.
• Keep all sensitive documents, checkbooks and credit cards securely locked away at home and at work.
• Carry only those credit cards that you need in your wallet.
• Before discarding, shred all private documents.
• Retrieve paper mail promptly and place outgoing checks or other sensitive documents in a U.S. Postal Service mailbox.
• Sign up for automatic payroll deposits.
• Replace paper bills, statements and checks with online (paperless) versions.
• Keep passwords hidden (even in your own home) and change them frequently.
• Use and regularly update firewall and anti-virus software.
• Do not respond to suspicious e-mails. Delete them, and if there is any doubt contact the company to determine if the e-mail is real.
• Don’t discard a computer without completely destroying the data on the hard drive.

DETECT unauthorized activity

• Review bank, credit card and biller statements weekly - available through online account access.
• Contact your financial provider if you fail to receive statements in a timely manner.
• Review your credit information regularly (free annual reports are available at www.annualcreditreport.com or call 1-877-322-8228).
• Use e-mail-based account “alerts” to monitor transfers, payments, low balances, withdrawals, or detect any out-of-pattern activity.
• Visit your bank’s, credit card issuer’s or biller’s web site(s) frequently to monitor regular account activity.

RESOLVE fraud promptly, minimizing losses and protecting your credit record

• Ask your financial provider about zero-liability guarantees against fraud and dedicated resources to help you resolve and recover from any potential losses.
• Victims of theft: notify your financial providers, begin monitoring your accounts more frequently, and place an “alert” at all three credit bureaus (Equifax, Experian or TransUnion).
• Alert federal and local law enforcement if you suspect or detect identity fraud.

More Online Resources

• ID Theft State by State
• How Safe Are You? Take an Identity Safety Quiz at www.idsafety.net
• Better Business Bureau: www.bbb.org/idtheft
• Checkfree: www.checkfree.com/idprotect
• Federal Trade Commission: www.consumer.gov/idtheft/
• VISA: www.visa.com/security
• Wells Fargo: www.wellsfargo.com/privacy_security/fraud_prevention/

Statistics by Javelin Strategy and Research:

About Javelin Strategy and Research
Javelin provides research-based strategic direction for financial services, payments, e-commerce, and identity fraud. Javelin rigorously researches technology issues, industry trends, attitudes and activities of consumers, small businesses, institutions, processors, merchants, billers, and other organizations in order to deliver relevant, high-impact strategic guidance. Javelin can be found on the Web at www.javelinstrategy.com. For more information on this project or other Javelin studies, visit www.idsafety.net or www.javelinstrategy.com/reports/

Post Comments or Questions with the link below. Keep up-to-date with Skylarking: By Email or RSS Newsfeed or on Twitter. You can also send questions with my email form.

Subscribe to the comments for this post

33 percent of all spam ended yesterday

Sort of….

The FTC (Federal trade Commission) won a preliminary legal victory against the world’s largest spam gang  by persuading a Chicago Federal court to freeze the gangs assets and to order their spam network shutdown.

The spam gang, known by spamfighting agencies as HerbalKIng, had a networks of 35,000 computers which which could send out 10 billion spam messages a day.  Many of these computers were owned by people who didn’t know their computers had been remotely commandeered to send email on behalf of the spammers.  The network had ties in the United States, China, India, New Zealand, and Australia. The network was referred to as the “Mega-D Botnet”.

If you’re unfamiliar with the term “botnet, here’s an explanationation from SearchSecurity.com:

A botnet (also known as a zombie army) is a number of Internet computers that, although their owners are unaware of it, have been set up to forward transmissions (including spam or viruses) to other computers on the Internet. Any such computer is referred to as a zombie - in effect, a computer “robot” or “bot” that serves the wishes of some master spam or virus originator. Most computers compromised in this way are home-based. According to a report from Russian-based Kaspersky Labs, botnets — not spam, viruses, or worms — currently pose the biggest threat to the Internet. A report from Symantec came to a similar conclusion.

The network was purportedly responsible for a third of all spam at one point, and had been collecting $400,000 in Visa charges in one month.

The spammers had been sending messages hawking various pharmaceuticals and male-enhancement drugs. The charges brought against them are more than just spamming counts, but the charges also include making false claims about their product, selling pharmaceuticals without a prescriptions or doctor’s intructions, and selling drugs from countries such as Indie which aren’t regulated or approved for sale in the US.  Many of the drugs being sold had harmful side effects.

The FTC’s investigation aginst this organization had been ongoing for over 2 years.

Here’s a bio about HerbalKing from Spamhous spamfighting organization:

HerbalKing is a massive affiliate style spam program for snakeoil Body Part Enhancement scams (penis enlargement). It has also done spam campaigns for replica luxury goods, pharma (counterfeit pills) and porn. Spam arrives via botnets with spamvertised sites on “bulletproof” hosting offshore, particularly in China. The group also uses fast-flux hosting, running sites on hacked botnet PCs.

HerbalKing, with connections to India (possibly due to pharmaceutical supplies), rivals the traditional Eastern European spam gangs for volume and criminal botnet methods of its spam. “Tulip Labs” appears to be the source of HerbalKing’s herbal remedy products. The main operation may be run out of New Zealand or Australia by long-time spamming brothers Lance & Shane Atkinson. (see: http://www.geekzone.co.nz/juha/2237 )

There are hundreds of SBL listings related to HerbalKing but some may not be linked to this ROKSO due to the tremendous number of identities and domains used by the program. Lists of domains should be considered examples of that abuse of domain name space, not comprehensive lists of their registrations.

Read more at the FTC’s web site; the NY Times; and the ars technica web site.

Post Comments or Questions with the link below. Keep up-to-date with Skylarking: By Email or RSS Newsfeed or on Twitter. You can also send questions with my email form.

Subscribe to the comments for this post