Simply Security - News, Views, and Opinions from Trend Micro

Posted on August 28th, 2012 in Internet Safety by Simply Security | Be the first to comment | Tags: Internet Safety

Companies love email advertising campaigns. It appears spammers and other hackers love this method for their own advertising purposes as well.

Companies love email advertising campaigns. They're fun, cheap, easy to design and offer measurable conversion rates that help them better target the right demographics and strategies in the future.

Unfortunately, it appears spammers and other hackers love this method for their own advertising purposes as well. More sophisticated means allow these attacks to take place now under automation, meaning the inundation of malicious messages may not cease unless it can be traced to the root and nipped in the bud.

These threats are also starting to branch out, not only in terms of complexity but reach. In the past, many users felt that Macs were impervious to the multitude of attacks that PCs were susceptible to, and that was largely the case. There were fewer viruses and Trojans designed that could affect Apple products because they had a smaller presence online. Now that iPads and other devices in the Apple lineup are becoming more popular, however, hackers are seeing these devices as enticing new targets.

Email marketing scam

A growing part of the business mindset is finding ways to become an online authority and a market leader in the virtual marketplace. Internet advertising can be as simple as clickable links or it can involve images, click-through pages and email messages with different brand and product information. Emails especially tend to reach the largest audience, with viewing rates recorded around 20 percent globally, according to SilverPop.

These outlets also pose a unique opportunity to hackers and phishing scams, however. It's easy enough for a person to copy the layout and jargon of a major business known for emailing product and sale information, creating false links requesting credentials and user information, thus allowing hackers to do whatever they please with this data.

Naked Security reported that's exactly what's happened to Groupon customers in the past few weeks. The company, known for emailing valuable coupons in the form of generic branded messages, was the most recent target of a copying scam. The ploy enticed consumers by promising a special discount if they acted immediately on the deal, creating a false sense of urgency and compelling users to blindly click on the provided link, enter requested personal and financial data and then lose all that information with nothing in return.

Clicking the link also allowed a executable file to be downloaded to the target computer, which then launched a Trojan attack on the machine. Groupon has warned consumers to be wary of all incoming messages and look for specific markers in their graphics, according to Naked Security, but the company acknowledged that the email was eerily convincing.

False sense of security

In the past, Mac users have looked at accounts of data security blunders like this as a tale of woe and more ammunition in the anti-PC debate. The tides appear to be turning, though, as more new viruses are Mac-compatible, allowing them to function the same way on every machine, regardless of manufacturer or operating system.

Email attacks like the Groupon scam should not be taken lightly by Mac users in the future, as InformationWeek recently reported that another similar email scam has been targeting Apple products.

The virus, known as Crisis or Morcut, installs itself in an Apple device as part of a fake Java document which is supposedly certified by VeriSign. Of course, it's neither a benign file nor secured, and once downloaded will execute the virus on the user's system. At that point, it will install a number of applications and tracking software, recording incoming email and instant messages and transmitting them to its host botnet server. What's more, the program embeds itself directly in the operating system run protocol, meaning rebooting the machine won't wipe it from the drive, as was previously assumed effective in earlier attacks.

"If this malware managed to infect your Mac computer, it could learn a lot about you and potentially steal information," said Graham Cluley of Sophos. "[Morcut] could read your private messages and conversations, and open your email and other online accounts. Clearly, [it] was created with spying in mind."

Regardless of the kind of machine, level of security or care with which users review incoming correspondence, there's always a data protection risk. As email is so proliferate, users may not be as diligent about inspecting messages or reviewing links, but to maintain corporate integrity and protect customer data, companies need to take more steps to make their advertising unique. At the same time, consumers need to be more careful about what requests they accept and the information they give out, or else these kinds of email attacks will continue to pose a serious threat.