Porn images 'encouraging response to spam'

An image of a stripping woman is being used to get unwary PC users to answer spam messages.

Spammers are tempting PC users with pornographic images to encourage them to reply to messages.

The spam message poses as a game, which encourages PC users to unscramble some text with the reward being an image of a progressively undressing woman.

The tactic is designed to be effective against anti-spam protection on PCs, working by getting users to bypass it unwittingly. By typing in the text, the user becomes vulnerable to spammers looking deluge them with junk mail.

The scrambled text attacks are based around Captchas, or 'Completely Automated Public Turing test to tell Computers and Humans Apart'. A Captcha features a disfigured word that make it difficult for a computer to decipher, but can easily be identified as a real word by humans.

Captchas have now become a way for malware propagators to infiltrate systems to access resources such as e-mail accounts or blogging tools.

It is not uncommon for viruses to trick people into opening attachments loaded with malware with the false promise of seeing indecent images, but this latest trend is the first time that a spam message offers to show people more images as a reward for responding.

Security companies Trend Micro and Panda Security said they have both come across examples of this new form of threat, but not in great quantities yet. "I don't see this as a major threat to network security as such, as most companies will have provisions in place to make sure this is picked up," said Dominic Hoskins, country manager for the UK for Panda Security. "The home user is the one at risk, and is effectively being asked to create their own botnet. Of course with many business people working from home in often less well proected environments than the office, this could be a worry."

"Spammers are pulling out all the stops to get past security software and it's typical of the current trend in malware to use the individual's own basic instincts to fall for the traps," commented Mike Green, vice president of product strategy at security firm PC Tools. "Unfortunately there is no cure for human stupidity. Social engineering will always be a key component of security breaches and the criminals are using this to their advantage."

Featured Resources

BCDR buyer's guide for MSPs

How to choose a business continuity and disaster recovery solution

Download now

The definitive guide to IT security

Protecting your MSP and your customers

Download now

Cost of a data breach report 2020

Find out what factors help mitigate breach costs

Download now

The complete guide to changing your phone system provider

Optimise your phone system for better business results

Download now

Recommended

Data breach exposes widespread fake reviews on Amazon
data breaches

Data breach exposes widespread fake reviews on Amazon

7 May 2021
TsuNAME vulnerability could enable DDoS attacks on major DNS servers
distributed denial of service (DDOS)

TsuNAME vulnerability could enable DDoS attacks on major DNS servers

7 May 2021
What are SSH keys?
cyber security

What are SSH keys?

7 May 2021
Google’s about to push everyone into two-factor authentication
Security

Google’s about to push everyone into two-factor authentication

6 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021