Tech Features

Spammers adopt new tactics

By Jay Dougherty Jul 24, 2007, 4:12 GMT

Washington - Spammers have one goal: to get your attention. Whether they're promoting hot stock tips, cures for impotency, miracle hair-growth methods, or other scams, the motive is usually to separate you from your money. But they can't do that if you're not reading their unsolicited e-mail.

As anti-spam software has gotten smarter over the past year, many computer users have been seeing less spam rather than more. But spammers are now employing new tactics that are escaping the net that their anti-spam software casts. Don't be fooled. Be on the lookout for spam that falls into one of the following categories.

--- PDF Spam

If you receive an e-mail message containing nothing but a subject line and a PDF file attached, it's likely an example of the new PDF spam that's been proliferating of late. PDF spammers assume, sometimes rightly, that you'll be so intrigued about the contents of the PDF that you'll open it and read. To get you intrigued, they typically name the attached PDF file in a way that makes it look plausibly like a business document - or something you probably ought to read. Always, however, these PDFs are come-ons - such as stock tips or ads for potency formulas.

Spammers have started using PDF attachments to transmit their messages for one simple reason: most spam filters do not or cannot screen the contents of a PDF attachment. Thus a message that contains nothing except a PDF attachment can more easily find its way into your inbox instead of your junk e-mail folder.

Can a PDF attachment contain a virus? Not usually. Make sure that you're using the most recent version of Adobe's Acrobat Reader, and you should be fine, even if you do open one of these spam messages. But your safest course of action if you come across an e-mail message that has a PDF file attached but no text in the message area is just to delete it.

--- Piggyback spam

Highly graphical e-mail messages that look like they come from large retailers may be examples of what are known as piggyback spam. This relatively new type of spam typically asks you up front or in the body of a spam message to click a link if you cannot 'view' the message properly, or there may be several links in the message that will purportedly allow you to tell the company to stop sending you mail, register for access to some site, or contact customer support.

Any one of all of these links, however, may actually lead to a downloadable file. If the file is downloaded and run, it may install malware or spyware on your computer that might perform any of a number of nefarious acts, including sending out spam from your PC and disabling any antivirus software you have running.

If you receive any e-mail from a retailer you've never heard of or never agreed to receive mail from, delete it immediately. Whatever you do, don't click any links in the e-mail message

--- Greeting card spam

Everyone loves greeting cards, and the popularity of e-greeting cards is on the rise. Unfortunately, spammers have figured this out - and they've devised e-mail messages that look like they're greeting cards but in reality unleash a dangerous virus.

Legitimate greeting cards are typically invitations to view the full-blown greeting card hosted somewhere online. That means recipients of these cards have gotten used to clicking a link in an e-mail message. That's just what many spammers want, of course, so a fake e-greeting card is an ideal vehicle for their malicious designs.

If you click the link in a spammer's e-card, you'll probably be taken to a Web page that will download viruses on your computer in the background. For now, the best way to avoid getting fooled by such a ruse is to delete any e-card that's not obviously from a person you know. Even if it is, a phone call to the person before clicking any link within may be prudent.

--- How to know where a link leads

Many types of spam typically include some kind of link that the spammers want you to click. If you're unsure whether an e-mail message is legitimate, before you click an embedded link, allow your mouse cursor to hover over the link for a couple of seconds. When you do, many e-mail programs today will show you a pop-up help balloon that contains the full Internet address to which the link leads.

Study that full Internet address for a moment - even if you don't know exactly how to interpret it. If the link's underlying address contains only numbers, words that clearly do not correspond to the company that supposedly sent the mail, or an 'exe' or 'com' at the end, delete the e-mail message without further ado. You might flag the e-mail program as spam if your spam filter claims that doing so will help improve catch rates in the future.

There's no doubt that spammers will continue to try to outsmart the anti-spam software - and sometimes succeed. But it's unlikely that they'll be successful against a savvy computer user. Always be suspicious of e-mail messages with origins that are puzzling, and you'll soon be counting yourself among the savvy.