Search Results for "wii"

S.P.A.M. Experiment Update

Within the first 24 hours, participants in McAfee’s SPAM Experiment have already started to receive a wide range of spam. The U.S. economic crunch (bearing in mind I am NO economist ;-) ) may be having an effect on spam campaigns, as several of the recipients, browsing the Web and working independently of each other, have started to receive offers that center around guaranteed loans, credit cards, and debt relief.

The spam that isn’t offering money is trying to take it away from the participants. Three of our “victims” have already been targeted by phishers! It didn’t take long at all for some of their e-mail addresses to be picked up and exploited by fraudsters.

According to their blogs, some of the participants started to receive spam almost immediately after they clicked on pop-ups on the first day and provided their e-mail addresses for free offers! As usual with the free offers it turns out that it’s almost impossible to meet the conditions to get the free Xboxes, Wiis, iPods, iPhones, etc.

At the time of this writing, the overall spam submission counts have exceeded 550 from 17 of the participants. One participant alone has received more than 130 pieces of spam!

More to come during the next 29 days. Make sure you follow the participants’ blogs and stay tuned.

Post and Packing scams

Tis the season to be shopping, tra la la la la but don’t get had.

I’ve stumbled upon a scam where search engine product listings are being (ab)used for the classic (“#1 auction site”) +postage scam. Most auction sites have some jokers with good value items with ridiculous postage or compulsory insurance to even the score. Credit where it is due, the big boys are clamping down on unfair charges, but it’s still pretty common for listings to include excessive additional charges; £13 to post a memory stick locally (almost twice the price of the item itself), or £38 to post a Wii.

The scam works like this:

You search for a gadget on your favorite search engine’s products section and as normal you’ll see those highly relevant and usually high commission links on the first page. Like most people, I’m sure you’d have gone to the high street to pay high-street prices, so the first click is to sort by price. Scrolling past the pages of adapters and cases (if you wanted a case or adapter you’d have searched for it after all) you’ll eventually find the holy grail, the page containing the lowest price actual product you searched for.

[Image: Google]

It is not uncommon to find many web-based storefronts for the same white label box-shipper, so new stores with juicy offers crop up every day. Since you’re an astute shopper, you’d investigate the first couple of links, knowing that you’re about to save about 20% or so.

When visiting the site indicated we see that the price is invitingly lower still than the one displayed by the search engine. Bargain!

[Image: Low price site. This site is flagged by SiteAdvisor due to misleading offers.]

…along with the somewhat unusual text “Subject to change”. Anyway, £4.20 is £4.20, so we decide to click to buy now.

[Image: sting]

£300 is the total, right up there in the top right of the PayPal page. If your PayPal credentials were stored in your browser that login button would be your destination. If you happened to be logged in to PayPal the blanks in the form would have been all filled in too. If you were in a rush (and who isn’t at this time of year) I’m sure that would have been easily missed.

“Subject to change” hardly covers this one. Just to pour salt on the wound, the actual Post and Packing sting comes on the last page, and after you’ve logged in.

[Image: sting]

£1200! Caveat Emptor people… “Let The Buyer Beware”
- Merry Christmas one and all.

Don’t Touch My Wii!

Here’s an interesting development. Hackers have been working on exploiting the Nintendo Wii. As a popular tech-item, it is safe to assume this–but it looks like one has achieved a modicum of success.

First, don’t worry–your Wii is not in grave danger, so you can relax and read on . . . .

A few months ago, a vulnerability in the Opera browser was disclosed (and promptly patched by Opera). Check here for their knowledge-base article. Well, it turns out that Opera is the Internet browser for the Wii (aka “Internet Channel”)–and, it turns out that the original (“trial”) version posted to the store is pre-patch.

So folks that have downloaded the original Internet Channel for the Wii have this vulnerability. You can see a demonstration of it here:

Go to a web page that has the specially crafted JPEG image in it and Opera will crash. That means it’s theoretically possible to run malcode–and according to the hacker conversations they are trying hard to do exactly that.

Hackers are going to be out of luck though; the patched version of Opera (9.10) was released to the store on 12 April. So time is rapidly running out on pulling off an exploit for this one.

The Internet Channel on the Wii has to be updated manually. So Wii users, if you downloaded the Internet Channel, you need to update it.

Still, this serves as a good reminder that any system, closed or otherwise, is vulnerable to malcode.

But the story goes on: Opera is quite popular on mobile handsets, so we tried it out on several handsets with potentially vulnerable versions of Opera installed. In our brief testing, we had two cases where the image successfully crashed the browser (one Symbian8/s60 and one Symbian9/UIQ).

So there is the potential for concern–especially since someone was kind enough to post the directions for generating the specially crafted images. Now anyone can crash the un-patched browser. Remember, a crash is an opportunity to compromise a system–hard to do, but it does happen.

Now, if only Accounting will approve the lab’s requisition for a Wii for ongoing research purposes. We should probably get a PS3 also, just in case . . . . ;-)

Christmas “fun” with malware

As of late, a weekend is just not complete without a new W32/Stration variant spamming, and this weekend was no exception. Of course, this variant added a Christmas twist to the message body. To add to the Christmas “fun”, we also saw two other nasties taking advantage of people hoping for a little holiday cheer in their inbox.

Here’s hoping you all missed this excitement because you were having a wonderful holiday with friends and family instead. Or perhaps basking in the glow of a TV, enjoying a new video game console. (Speaking of which, the Wii just got an internet browser which is capable of playing Flash games. Hmmm… Very cool that they went with Opera, though!)