DDoS Attacks: Is Regulation The Answer?
Top 5 #infosec reads: March 3-7, 2014

Is it Spam? This week in Fake Facebook Job Offer Fraud

Bayesianpoisoning1Spammers and phishers pay close attention to current events. They incorporate scandals, weather or political events into spampaigns because these kinds of events draw our attention to the event and away from the cues and clues we might otherwise notice in an email message that would cause us to be suspicious.

The subject lines of this week's spotlighted spam attempt to exploit the unemployed with an undeniably attractive job offer from Facebook. Or Amazon. Or Google. No, eBay. OK... craigslist. 

The links embedded in this enticing message take you to a job advertising scam landing page. All the links on that landing page take you to the affiliated cash commisions scam site. Here, you can't apply for the sweet Facebook job but you can get sucked into a bogus business opportunity and the scammers offer a variety of incentives enticements to convince you to pony up your credit card and buy into the program.

This is a fairly overt scam spampaign. What makes this particular spam message doubly useful for a spam awareness-raising moment is how the spammer adds clumsy to overt...

A Teaching Moment: Bayesian Poisoning

Bayesianpoisoning2Some of the messages in this spampaign have an enormous blob of text following the seek removal request (faux unsubscribe) link. Spammers append text of this sort to a message in an attempt to frustrate Bayesian spam filtering, a form of spam detection where algorithms are used to determine if the email is spam based on the presence or prevalence of words commonly found in spam. By altering the words present in in a spam message (and their frequency), spammers hope to cause the spam detection to incorrectly classify their messages as "not spam" (see Bayesian poisoning).  Some spammers try to hide this text in richly formatted emails. This spammer obviously missed class that day.

This week's scams contain Subject: lines include:

Facebook position now avaialble and reserved for you

Temporary hold put on this position - work w/ Facebook making $75/hr

This new position just opened with Amazon (reserved for you)

You just received an exciting new job offer working with Google ($89k a yr)

These would be sweet jobs to land. Facebook, Amazon, Google, et. al., don't reserve jobs in this manner. As always, you are most safe when you STOP. THINK. CONNECT.

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Comments are moderated, and will not appear until the author has approved them.

Your Information

(Name is required. Email address will not be displayed with the comment.)