NOW READ THIS
("Security Advisory")
Submitted by: Bill Hickey
NCVA List Master
NRT-0317 "Pump and Dump" SPAM Using MP3 Files:
On 17 October, security vendors began noticing a wave of spam using MP3 audio file
attachments to trick recipients into investing in a penny stock, according to online
IT news reports. According to Sophos, the recorded voice is randomly altered so that
spam filters cannot detect it. The spam often lacks subject lines or even text in the
body of the messages; instead, it relies on the MP3 filenames, which purport to be tunes
from singers such as Fergie, Elvis, and Carrie Underwood. The MP3s are said to be of
poor quality - encoded as 16Kbps audio - and feature a syntehsized female voice reading
the sales pitch.
Analysts believe the spam is coming from the individual or gang responsible for the
Storm Trojan, and is being sent from a piece of the Storm-built botnet that was recently
split off from the core group of compromised ocmputers.
As a precaution, Sophos said companies should consider blocking - or at least quarantining -
all inbound messages that have MP3 file attachments.
Already this year, scammers have used image files, PDFs, and Microsoft Excel spreadsheets.
"What may be a success for them one week may fail the next," said Paul Wood of MessageLabs.
"When they used image spam, they eventually put it on a web site, using a free hosting
service, and then used links to draw people there," he said. "The next logical step here
is perhaps hosting the multimedia content online."
(www.techworld.com 19OCT07; computerworld.co.nz 20OCT07)