Instant messaging spam attacks

Filed Under: SophosLabs, Spam

A problem that has been around for a while is that of instant messenger spam. The impact it has on a victim is only worsened by the fact that one's friends and family are also affected.

Spam is a persistent problem and so long as it's profitable for nefarious characters then it will continue to be an endemic feature of e-mail. Security companies all warn of the pitfalls associated with being 'duped' by phishing attacks and malware download attacks and that they can be detrimental to one's well being. But when these cyber-assaults come in a form that have not been previously seen or acknowledged to the same degree of mail-bourne attacks then the frequency of victims does dramatically increase.

For the past couple of weeks while connected to a well known instant messaging service I've been barraged with chat messages from (seemingly) numerous people offering to be a friends or indeed claiming to be long lost acquaintances. The messages delivered contain the usual drivel intended to entice an unsuspecting victim to a phishing site, or a location that hosts malware.

"Hi,It's jemma here .... "

Another fantastic example is websites that supposedly inform a user which of his friends has blocked/ignored them on their list. This information supposedly allows you to determine which of your friends currently doesn't want to speak to you! Wow, nice feature, eh?

 An example of MSN spam

In addition to these requests I was being messaged by a friend already on my contact list. She would appear online, send the the message and then depart to the real world once again. Odd behaviour, no? This is typical behaviour found in some malware that actively try to infect other systems by playing on the user's trust. This link is a Pandora's Box. The notorious features of this malware then make you a danger to those you hold dear, your family and friends.

Now, while this may be returning to well-trodden ground, as with the majority of warnings, it must be highlighted that these types of attack are designed to catch people off guard or fool the less internet savvy ones among us into installing software or divulging sensitive information. Obvious things are only obvious when you know how to do them and this is definitely the case for spam: The Egg of Columbus [1].

So again, in summary, the message here must be vigilance. It seems that a large proportion of my blog entries are orientated towards this wonderful buzz word; the reason being that small quantities of it can save many headaches. The result of awareness means that instant messaging attacks will not be profitable for the hoodlums in the world and therefore will not become as much of a problem as e-mail spam.

  

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s