Saturday, April 07, 2007

Spam: latest innovation - social engineering by consecutive email threads and using process patents as an offensive weapon

Diabolical. Really, any non-geek online doesn't stand much of a chance these days.

The latest innovation in my spam employs an automated incremental social engineering strategy. I received 4 messages over a period of two days from an aol.com address. They went to my junk email account (yahoo.com) but evaded Yahoo's quite good spam filters [Google's filters are also failing recently, must be another new innovation]. They are written to sound like emails sent accidentally to the wrong person, with language and style that's apparently designed to be "appealing":
i'm wondering if you were able to open my card
i didn't realized you called my cell untill my tango class
you won't believe richard called me around 1 pm like nothing happened,
he was asking me if i want to joined him and his friend for dinner
i said i have to prepare my report for trump, and it's true
the man is not all there, i sent him e-mail tonight
The key innovation is that they're progressive and not nonsensical. The early messages are benign, but the later messages include links and images. I imagine the idea is that the recipient is lulled into thinking these are "legitimate" and thus relatively trusted, and eventually responds or interacts with the messages. Then the payload is delivered.
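The progression described above (benign messages first, links and images later, all from a sender the recipient has no history with) can be checked per sender. The following is an added sketch, not something from the original post or from any real filter; the function names, the `min_benign` threshold and the sample messages are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from email import message_from_string
from email.utils import parseaddr, parsedate_to_datetime

# Assumed markers of "payload" content: a URL, an HTML image or an HTML anchor.
PAYLOAD_RE = re.compile(rb"https?://|<img\b|<a\s", re.I)

def has_payload(msg):
    """True if a text part carries a link/image reference or a part is an image."""
    for part in msg.walk():
        if part.get_content_maintype() == "image":
            return True
        body = part.get_payload(decode=True) or b""
        if part.get_content_maintype() == "text" and PAYLOAD_RE.search(body):
            return True
    return False

def escalating_senders(raw_messages, known_senders=(), min_benign=2):
    """Senders outside known_senders whose first min_benign messages (by Date)
    were plain text and whose later mail introduced links or images."""
    by_sender = defaultdict(list)
    for raw in raw_messages:
        msg = message_from_string(raw)
        sender = parseaddr(msg["From"])[1].lower()
        by_sender[sender].append((parsedate_to_datetime(msg["Date"]), has_payload(msg)))
    flagged = []
    for sender, items in by_sender.items():
        if sender in known_senders:
            continue
        flags = [payload for _, payload in sorted(items)]  # chronological order
        if True in flags and flags.index(True) >= min_benign:
            flagged.append(sender)
    return sorted(flagged)

def _mk(sender, date, body):
    return f"From: {sender}\nDate: {date}\nSubject: hi\n\n{body}\n"

# Constructed sample mail, deliberately listed out of chronological order.
SAMPLE = [
    _mk("stranger@example.com", "Fri, 06 Apr 2007 18:00:00 -0400", "see http://example.invalid/card"),
    _mk("stranger@example.com", "Thu, 05 Apr 2007 09:00:00 -0400", "did you get my note"),
    _mk("stranger@example.com", "Thu, 05 Apr 2007 21:30:00 -0400", "sorry i missed your call"),
    _mk("friend@example.com", "Thu, 05 Apr 2007 10:00:00 -0400", "lunch tomorrow?"),
    _mk("friend@example.com", "Thu, 05 Apr 2007 11:00:00 -0400", "noon works"),
    _mk("friend@example.com", "Fri, 06 Apr 2007 08:00:00 -0400", "menu: http://example.invalid/menu"),
    _mk("newsletter@example.org", "Thu, 05 Apr 2007 07:00:00 -0400", "read http://example.invalid/news"),
]
```

A filter that scores each message in isolation sees nothing unusual in the early mail; the signal here is the change in content across one sender's sequence, combined with the absence of any prior relationship.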

It's easy to imagine how sophisticated these schemes will become.

I've read that spam fighting is now limited by a range of process patents on techniques like 'managed reputation filtering of authenticated sending services'. I wonder if the spammers hold the process patents. It would make sense for a spammer to use process patents to block all possible spam defenses, thereby turning the defective (Bush/Cheney strangled of course) US patent office into an offensive weapon. Rather similar to a pathogen turning an organism's immune system against it.

I expect we'll have to wait for Cheney/Bush to retire before we see any redress.
