MyCERT 3rd Quarter 2011 Summary Report - CyberSAFE Malaysia

More documents

Recommendations

Info

18Figure 4: The distribution of spam categoriesGambling/Lottery was the most commonspam category in the first quarter of 2011.Almost 90 percent of gambling/lottery emailscame from Malaysia. As shown in Figure 5,the percentage for these scams consistentlyincreased from January to March. PersonalFinance/Money recovery emails came insecond place. In February, the percentage ofemails in this category reached the highestnumber within 3 months at 40.1 percent.Spammers’ tricks and techniquesDuring the first quarter of 2011, incidentsinvolving gambling/lottery emails recordeda third of the total spam that was reportedto MyCERT. The large numbers of spamrecorded were on fake lottery winnings andcompensation claim scams. Scammers willask the victim to pay a certain amount toclaim their winnings/compensation. Oncethe victim pays the fee, they will just inventa new fee that the victim has to continuepaying. If the victim falls for that trick, theykeep inventing a new fee, until the victimgives up or runs out of money.If the victim becomes aware that the emailthat they received is a scam and stop sendingmoney, the second stage of the fraud couldoccur. Scammers will introduce themselvesas police officers or other employees whohave been arrested or who seek to arrest thecriminals in the first scam. They will promiseto return the money stolen in the first scamas shown in Figure 6.Figure 5: The Gambling/Lottery spam and Personal Finance/Money recovery scam categories in the first quarter of 2011According to Figures 3 and 4, the numbersof compromised hosts that are used to sendGambling/Lottery spam emails in Malaysiaare increasing on a daily basis. From thisdata, we can also assume that there are manyMalaysians who are still using Windows XPand the insecure Internet Explorer 6 webbrowser. This inevitably aids the distributionand infection rates for botnets that are usedto send out spam such as Waledac, Krakenor TDL-4. It also shows that the majority ofusers in Malaysia lack awareness on how tosecurely protect their computers.Figure 6: Second stage of fraud for the fake lottery scamWhy Spam is prevalentEven though spam is a nuisance, it is stillprevalent on the net with increasing statisticsevery year. One of the reasons why spam isprevalent is because many recipients of spamemails reply due to lack of awareness aboutspam emails. Many users also purchasegoods through spam emails. By respondingand purchasing goods through spam emails,it actually propagates further spam activitieson the net.e-Security | Cyber Security Malaysia | Vol: 28-(Q3/2011)© CyberSecurity Malaysia 2011 - All Rights Reserved
Another reason why spam is prevalentis because spamming is a cheap way inpromoting services and products. This is inaddition to the many tools available on thenet for free that can be used for spamming.There are also many cheap software that canbe used to spam on a large scale and alsothe availability of various database of emailsthat can be purchased on the net for a verycheap price.Another reason is due to the lack of laws inmany countries that can be used to punish andprosecute spammers. Only very few countrieshave spam legislations such as Australia withits Spam Act 2003, Singapore and its SpamControl Act 2007 and New Zealand with itsUnsolicited Electronic Messages Act 2007.Unprotected and vulnerable computers alsoenable spam to be prevalent on the net.Computers without anti-virus protection canlead to malicious programme infections andenable the infected computers to becomespam zombies.Spam MitigationsThough there is no special prescription toeradicate spam entirely, certain mitigationsteps can be implemented to minimisespam to some extent. Some of the stepsusers can implement to protect themselvesare to safeguard your email address fromspammers. This includes being careful whensigning up online using your email addressand making sure the website you sign up withis reputable and not involved in unethicalactivities on the net. You must not reply to aspam email or unsubscribe to a spam emailas this will further propagate the spam. Ifyour email is exposed on the net, make sureit is in the form that a spambot cannot easilydetect and grab. When choosing a new emailaddress use one that is hard to crack - makeit more than a few characters long with afew unusual characters like underscoresif they are allowed. You can also considerusing a secondary email address to avoidpublicising your primary email address oruse a disposable email address. Read emailin plain text, switch off the preview pane,or disable the automatic downloading ofgraphics in HTML emails. Do not click linkson spam emails as the links may contain anencoded version of your email address andindirectly informing spammers that youremail address is valid.Using spam filtering is also an effective wayof preventing spam. Spam filtering can bedone at your computers, your organisation’semail gateway and at your ISP level. Spamfiltering at your computer can be doneeither by using spam filtering software orspam filtering features available in youremail client, which can be configured basedon keyword and routing or source of emailinformation. The emails can be filteredto be sent to a spam-trash folder. SystemAdministrators can install spam filteringsoftware at their email gateways to preventspam emails from reaching their users withinthe organisation. Users can also subscribeto their ISPs’ spam filtering services whichhelp to prevent spam emails from reachingthe end-users’ mailbox. Besides the filtering,make sure your computer is secured andrunning an updated version of an anti-virussoftware and is patched regularly. This canhelp to prevent your email address frombeing harvested from your PC or your PCbeing used as a spam zombie.ConclusionIn conclusion, we can say that spamcontinues to grow and are still prevalenton the net. This is due to various factorssuch as lack of user awareness, availabilityof spamming tools on the net. There is nomagic wand to eradicate spam. However,with safe email practices by users and properspam filtering, spam can be minimised toa certain extent. This will eventually makespam less annoying and the Internet acomfortable place for all of us. ■References1. Cyber999 Help Centre2. http://www.securelist.com/en/analysis/spam3. http://www.419scam.org/4. http://www.scamomatic.com/5. http://www.securelist.com/en/threats/spam?chapter=956. http://en.wikipedia.org/wiki/Spambot7. http://en.wikipedia.org/wiki/Email_spam_legislation_by_country8. http://spamlinks.net/prevent-users.htm19e-Security | Cyber Security Malaysia | Vol: 28-(Q3/2011)© CyberSecurity Malaysia 2011 - All Rights Reserved
Page 3: MyCERT 3 rd Quarter 2011 Summary Re
Page 6 and 7: 4compared to the previous quarter.
Page 8 and 9: 6Based on the statistics, there was
Page 10 and 11: 8Legal Restriction on CryptographyB
Page 12 and 13: 10Wassenaar Agreement “will not i
Page 14 and 15: 12transactions, electronically thro
Page 16 and 17: 14deciding if software is considere
Page 18 and 19: 16SPAM, the Annoying Culprit on the
Page 23 and 24: “wire-once” settings pool bare-
Page 25 and 26: San Francisco, CA. McKesson has dou
Page 27 and 28: 3. Consistency:It means that the be
Page 29 and 30: Mathematics Operations in BinaryNum
Page 31 and 32: compare the difference between a bi
Page 33 and 34: divided, it will remain as remainde
Page 35 and 36: Criteria is in a better spot to pro
Page 37 and 38: ASPECTS PLAN EXECUTE ANALYSISObject

MyCERT 3rd Quarter 2011 Summary Report - CyberSAFE Malaysia

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?