Feature: Insidious worms and spam

By T.K.MALOY, UPI Deputy Business Editor

WASHINGTON, Aug. 13 (UPI) -- "Of all the PCs in all the world, you had to come into mine," many personal computer users no doubt lament.

Whether it's spam porno advertisements or lethal computer viruses, many unwanted messages and hostile programs have been finding new and insidious ways into the hundreds of millions of PC boxes around the world, software companies and virus alert officials have been warning.

Since Monday, yet another prolific worm virus has come out of the "Wilds" of the Internet to replicate itself ad infinitum into literally millions of computers around the world. The so-called LovSan or MSBlast worm worked by scanning through the Net for vulnerable PCs and implanting a file causing each infected computer to send out versions of itself, which in turn affect other vulnerable computers. The worm uses a programming security hole in Microsoft's Windows XP, NT, 2003, and 2000 operating systems.

"The IT security industry has been waiting in horror for a new major worm to appear since the RPC/DCOM hole (in Microsoft operating systems) was found on the 16th of July," says Mikko Hypponen, Director of Anti-Virus Research at the F-Secure security solutions company.

"Now it's here," he added.

While Microsoft has had patches for this programming flaw available since mid-July, most computer users never downloaded this security improvement.

According to Microsoft, "a worm is a subclass of a virus that generally spreads without user action and distributes complete copies (possibly modified) of itself across networks." The company adds that a worm can consume memory or network bandwidth, thus causing a computer to stop responding.

This was the case Monday and Tuesday as everyone from the Maryland Motor Vehicles Administration to the U.S. Postal Service suffered full or partial shutdowns of their computer systems.

On the e-mail front, filtering company SurfControl has also been warning this week of six new techniques being used by spammers to avoid detection and penetrate technologies used to keep them out of e-mail boxes.

"The battle against spam is intensifying as spammers are using ever more sophisticated and aggressive techniques to avoid detection," said Susan Larson, SurfControl's vice president for Global Content Operations, who identified the "Top Six Spam Techniques."

According to SurfControl, the latest techniques incorporate multiple, sophisticated software tricks buried in the Hypertext Markup Language (HTML) code of e-mails to confuse and avoid detection by traditional content filtering mechanisms. Much e-mail now is delivered as full Web pages bearing advertisements and other information. Web pages are structured using HTML code.

SurfControl officials said that HTML-based spam now accounts for 95 percent of all spam, and 99 percent of so-called "adult spam," or pornographic advertisements and images.

The company said that research over the past six months has identified the spam techniques most frequently used by offensive spammers, pornographers and those engaged in "brand spoofing" designed to steal personal information. These techniques capitalize on the naivete of e-mail users and pose significant legal, security, network and productivity risks for businesses.

According to SurfControl, these top spam techniques include:

The Hidden Agenda - Most commonly used in porn spam, this technique attempts to fool filters by tricks within the HTML source code of the message. Spammers use ASCII control code to represent letters, random words or phrases, as well as white text on a white background in HTML, within HTML comments or in bogus HTML tags. None of this is visible to the e-mail recipient. The result of the technique is to split spam words so that they are unreadable by dictionary-based scanning tools.

Treacherous Tracks - This technique allows spammers to use their Web servers to break down a URL directory structure and add code that can verify a user's e-mail address, track them online and redirect an e-mail user automatically to a specific Web page. A piece of spam using this technique would mean that a user, simply clicking on an innocuous picture within the e-mail, sets in motion redirection to a pornographic Web site.

Dodgy Domains - An increasingly common technique used in HTML-based spam, this subterfuge allows spammers to redirect unsuspecting e-mail recipients to unexpected Web sites. By using the sign "@" within a URL, the spammer avoids URL scans that could stop the spam. A forged domain name is written before the "@" sign and this is the one an e-mail recipient believes they will find by clicking on the button in the e-mail message. The actual destination is hidden behind the "@" sign and takes users to a forged Web site where they can be the victims of fraud. This technique is used in "brand spoofing" spam.

Random Ramblings - This common technique used by less sophisticated spammers involves inserting long random words or characters in a subject line or body of a message. It is designed to skew statistical filtering or make all repeating spam messages appear different to fool automated spam fingerprinting filters.

Counterfeit Characters - A technique that uses numbers or accented characters to replace standard characters to fool filtering dictionaries unless these include spelling variables. V1agra or M0RTG4GE are two common examples of this trick.

Elusive Illusions - A technique used by spammers to hide or disguise the format and content of an e-mail to avoid dictionary scanners and statistical filters. Spam content can be hidden within Javascript or frames.
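How a filter can undo three of these tricks before its dictionary and URL checks run, shown as an added example that is not from SurfControl or the original article: it strips HTML comments and bogus tags (The Hidden Agenda), folds digit and accent substitutions (Counterfeit Characters), and flags links with a name in front of an "@" (Dodgy Domains). The sample message, the blocklist and all function names are constructed for illustration.

```python
import html
import re
import unicodedata
from urllib.parse import urlsplit

# Constructed sample message; hosts use the reserved .example and .test names.
SAMPLE = (
    "<html><body>"
    "<p>Cheap V<!-- x9 -->1ag<zz>ra and M0RTG4GE r&#97;tes</p>"
    '<a href="http://www.bank.example@login.badsite.test/verify">Sign in</a>'
    "</body></html>"
)

# Digit and symbol look-alikes of the kind the article cites (V1agra, M0RTG4GE).
LOOKALIKES = str.maketrans(
    {"0": "o", "1": "i", "3": "e", "4": "a", "5": "s", "7": "t", "$": "s", "@": "a"}
)
BLOCKLIST = {"viagra", "mortgage"}  # hypothetical filter dictionary


def visible_text(raw: str) -> str:
    """Drop comments and tags (real or bogus) so split words rejoin."""
    no_comments = re.sub(r"<!--.*?-->", "", raw, flags=re.S)
    no_tags = re.sub(r"<[^>]*>", "", no_comments)
    return html.unescape(no_tags)  # decodes &#97;-style character references


def normalise(word: str) -> str:
    """Fold accents and look-alike characters to plain lowercase letters."""
    decomposed = unicodedata.normalize("NFKD", word)
    plain = "".join(c for c in decomposed if not unicodedata.combining(c))
    return plain.lower().translate(LOOKALIKES)


def dictionary_hits(raw: str) -> set:
    """Blocklisted words found once the message has been normalised."""
    words = re.findall(r"\S+", visible_text(raw))
    return {normalise(w).strip(".,!?") for w in words} & BLOCKLIST


def userinfo_urls(raw: str) -> list:
    """Return (name shown before '@', host actually contacted) per link."""
    found = []
    for href in re.findall(r'href="([^"]+)"', raw, flags=re.I):
        parts = urlsplit(href)
        if "@" in parts.netloc:
            found.append((parts.netloc.rsplit("@", 1)[0], parts.hostname))
    return found
```

A plain substring search of the raw message finds neither blocklisted word; both appear only after normalisation.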

According to SurfControl's Larson, "These deceptive tactics are making it easier than ever for spammers to prosper and harder than ever for technology companies and law enforcement officials to identify and stop them."

She added that spammers are using offshore Web hosting services "that make them very hard to track and e-mail harvesting services that make it simple to target more people than ever before."
