Spam masks itself as news to evade filters
07-29-2008, Tulsa World - Robert Evatt
http://www.tulsaworld.com/busi . . . 9_52_E1_spancl963744
"Cheap Viagra online"? That's got to be spam.

"Your account is about to expire"? That might make some pause for a moment, but nowadays most people know it's spam.

But an e-mail titled "Oil drops to $100 per barrel"? That'll get people clicking.

Spam e-mails continue to evolve as filters get better and people get more savvy with technology. The latest pitch for clicks is to disguise the subject line as news, the Poynter Institute for Media Studies said in a recent report.

Gavin Manes, the founder of Digital Forensics Professionals Inc., said that although the subject line may be different, the e-mails themselves are the same old spam that have hassled people for years.

"They're playing on the need and the want for news, but the delivery method is identical," he said.

The e-mails can carry a wide variety of headlines, usually something sensationalistic. Examples include "Negotiations between USA and Iran end in war," "Dog digs grave for owner" and "Will Smith found dead in bathtub."

But the contents are either an advertisement, a link to pornography, or a link trying to trick people into downloading spyware or a malicious computer worm, Manes said.

"The e-mail asks you to download a viewer to see the news," he said.

Robert Ashworth, a senior solutions architect with Peak UpTime, said the new spams likely aren't having a major impact on larger businesses because of security measures most of them have.

"More and more companies are instituting firewalls and spam-blocking software, so often these mails are blocked before people can even see them," he said.

But Manes said that smaller businesses and individuals who don't have basic security could be at risk if they aren't using a basic spam filter and malicious software removal tool such as Lavasoft's AdAware or Microsoft's free Malicious Software Removal Tool.

Microsoft Corp. says its tool has helped dismantle several botnets, a series of infected computers that most often pump out spam without their users' knowledge. Manes, however, pointed out that users still have to choose to install and use the tool.

"The tool doesn't automatically come to you; you have to get the tool and manually use it," he said.

Ashworth said the telltale signs of spam are still hidden in the news e-mails: a plea to forward it, an unknown sender, and links to unfamiliar sites.

"Don't click on links in e-mail unless you know it's from a valid source," he said.

Manes said that if recipients of questionable e-mail are curious to see whether the bold headlines are true, they can visit regular news sites or urban myth-busting sites such as www.snopes.com or hoax-slayer.com.

Still, news spam is just the latest flavor of the electronic pest, and Manes said he expects it to keep adopting new techniques.

"I got one today that used Google's ad words that appear alongside my search results to put together something I really cared about, and I almost clicked on it," he said.