
Op-Ed: Tech Wise by Peter Vogel

Malware email turns a profit

Despite anti-spam laws, junk mail finds a way into Canadian accounts
(Caption: While the Canada Post mailman is sadly going the way of the dodo, Peter Vogel writes that junk email is still going strong, and a profitable venture. Photo credit: Preztelpaws / Wikipedia)
Even though Canada has strict anti-spam laws, the volume of junk and malware-laden emails landing in my inbox has not diminished appreciably. 
Clearly spam remains a profitable venture for scammers, no matter where they operate from. Email remains a cheap, effective means of drawing in people around the world.
As long as email remains essentially free, the junk/malware problem is likely to persist.
A token per-email charge would quickly change this business model. For now, all that an individual needs to pull in significant money is a means of sending large volumes of email, a bit of social engineering skill, and an electronic method for collecting incoming money.
It's that social engineering that lies at the heart of these very basic scams. Craft an email message that may get someone to click on a link, and you are in business. Send that message to enough email addresses (the scammer may have to buy these in bulk), hoping for a click rate of even a small fraction of one per cent, and the return should be pretty good.
To increase that click rate a little bit, the scammer just needs to improve the social engineering aspect. Perhaps target medium-sized businesses that are likely to use voice mail systems that generate emails.
Send your potential victims an email crafted to look like such a voice mail message and watch what happens.
Many such systems use very similar interfaces, often left in a default state. The messages look innocuous enough that people may well click through when they receive one of these.
It's a simple task to have that click generate some other action, like contacting everyone in the recipient's contact list with a payload that could carry out any of a number of activities.
Perhaps the scammer wants to be able to control a large network of computers, a so-called botnet, for some later project. Perhaps the scammer simply wants to harvest a new crop of email addresses for resale in bulk. More nefariously, perhaps the click sets off one of the Cryptolocker variants which I have written about previously.
These Cryptolocker variants represent the top of the food chain, so to speak, in current email and website-based attacks, in that they encrypt files that are typically valuable (such as documents and photographs) until a ransom on the order of $500 is paid.
You might think that the scammers behind such an action surely wouldn't hand back your files upon payment, but in fact they do. They have developed an extremely lucrative business.
There is no shortage of viable scams in the corporate world. Courier service emails ("click here to track your parcel") are commonplace, and who hasn't seen a bank account problem ("click here to update your account information") email of late?
Recently a colleague mistakenly clicked on something he probably shouldn't have, and within minutes everyone in his address book, pretty much anyone he'd ever contacted, had received a rather short email with the subject tag "Account report" and a body statement "I have sent you the account report. Please download and view the attachment."
Aside from the vague reference to an "account report," the file format aroused suspicion for some (it was a zip file). However, to improve on the social engineering, the attached file had the name
That "219" matched the date, Feb. 19, on which the scam was operating. A recipient of this malware might well think that the document was of some personal importance, appearing to be dated in that manner.
Fortunately the colleague recognized something was amiss and he quickly pulled the network cable from his computer, halting outbound email. Around the same time a mail filtering service recognized the unusual volume (and content) of the outbound mail and it halted transmission in my colleague's name.
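The kind of check such a filtering service can apply, combining the volume signal with the content signal, is sketched below as an added example; it is not from the original column or from any real filtering product. The log format, the addresses, the attachment name and the thresholds are all constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=5)   # assumed burst window
MAX_RCPTS = 20                  # assumed limit on distinct recipients per window
RISKY_EXT = (".zip", ".rar", ".7z", ".js", ".scr", ".exe")  # assumed list

def parse(line):
    """Parse 'ISO-time|sender|recipient|subject|attachment' (constructed format)."""
    ts, sender, rcpt, subject, attach = line.rstrip("\n").split("|")
    return (datetime.fromisoformat(ts), sender, rcpt.lower(),
            subject.strip().lower(), attach.lower())

def find_bursts(lines, window=WINDOW, max_rcpts=MAX_RCPTS):
    """Return {sender: time the hold starts} for senders whose outbound mail
    shows both signals: volume (many distinct recipients inside the window)
    and content (identical subject plus a risky attachment type)."""
    recent = defaultdict(deque)  # (sender, subject) -> deque of (time, recipient)
    held = {}
    for ts, sender, rcpt, subject, attach in sorted(map(parse, lines)):
        if sender in held:
            continue             # sender already held; nothing more is relayed
        if not attach.endswith(RISKY_EXT):
            continue             # content signal absent
        q = recent[(sender, subject)]
        q.append((ts, rcpt))
        while q and ts - q[0][0] > window:
            q.popleft()          # drop entries that fell out of the window
        if len({r for _, r in q}) >= max_rcpts:
            held[sender] = ts
    return held

def sample_log():
    """Constructed log: one ordinary user and one compromised account
    mailing its whole address book within minutes."""
    start = datetime(2015, 2, 19, 10, 0, 0)
    lines = [f"{(start + timedelta(hours=h)).isoformat()}|alice@example.com|"
             f"client{h}@example.net|Minutes|notes.pdf" for h in range(4)]
    lines += [f"{(start + timedelta(seconds=3 * i)).isoformat()}|bob@example.com|"
              f"contact{i}@example.net|Account report|placeholder.zip"
              for i in range(200)]
    return lines

if __name__ == "__main__":
    for sender, when in find_bursts(sample_log()).items():
        print(f"hold outbound mail for {sender} from {when.isoformat()}")
```

With these constructed thresholds the hold starts at the twentieth message, so most of the 200 queued messages never leave.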
It was then time to carry out some clean-up work on the affected computer. Thankfully this incident was relatively minor, although undoubtedly some recipients of the spam will have clicked on the payload and then presumably had their contacts lists compromised, which is just what spammers hope for.
So much for those Canadian anti-spam laws!
Last Updated on Thursday, 05 March 2015 09:14  







© The B.C. Catholic

Informing Catholics in Canada since 1931