The other day, I was reading some reviews of anti-virus (AV) products, and looking at some of the claims their marketing makes. In particular, most vendors claim a 100% success rate with a test against a set of known viruses. While, at first glance, this may seem like a good thing, the problem is that you really want your AV system to stop the “new” viruses. It seems kind of obvious, and a relatively easy thing to do, to stop “old” viruses. So, when an outbreak happens, how well do current AV systems do?
(more…)

A long standing problem when it comes to identifying viruses, or simply trying to find information out about a virus, is that each vendor names the virus in a different way. All too frequently, the only way to find out what name a given virus is called is to run it through a vendor’s anti-virus product. We primarily use the ClamAV anti-virus system, so tend to use the names generated by Clam as our starting point. In this article we will investigate this issue, and show some ways round it.
(more…)

We received a suspicious email today purporting to be an order confirmation from ‘element5info.com’ notifying us of an invoice for GBP 90.39, with an executable attached calling itself INV 4946911.exe. Putting it through a dozen different Anti Virus systems didn’t bring up any hits for known viruses.
(more…)

April Showers

April, usually a dull, grey month, in between Winter and early Summer. And the Spam report for this month, is much like the weather. After the excitment of the Winter’s WMF exploit, and the corresponding upsurge in spam, unsolicited email has been coming along in a steady deluge. Read on for an overview of the key trends and highlights in email attacks and spam sending for the month of April.
(more…)

A design error has been found in the ‘ntdll’ DLL in Windows which would allow an malicious attacker to place a virus on a system which would be bypassed by most of the major Anti-Virus products.
(more…)

To recap, the intent of 419 scams is an attempt to extract money from the email recipient - the victim. There is usually an offer of a large sum of money to be given to the victim, however before the victim can receive this large some of money, they have to pay an upfront fee.
(more…)

….following up from last weeks article, IKMA has declined in market value - it now as at 0.125. which is down by 61%!!
(more…)

Phishing and scamming methods are becoming increasingly sophisticated. They are using the latest software vulnerabilities to exploit systems and social engineering techniques to hack people. IT allows more potential victims to be targeted, at a lower cost to the attacker, than traditional methods of confidence trickery. Before the advent of the web, faxes were used with similar techniques to scam people.
(more…)

In the last week, we have been seeing a lot of ’stocks’ spam particularly for the symbol IKMA.
(more…)

Introduction

Welcome to the March edition of the InternetDefence Ham, Spam & Virus Report.
(more…)