Norton Internet Security logo

Targeted scam threatening DDoS attacks

Aug 17, 2010

In a typical 419 scam message, we usually see lottery winning notifications, mentions of next of kin, or fake business offers. Often we observe spammers creating fake stories tying in with disasters or news linked to users' emotions. In a recent targeted scam tactic, spammers have created a fake story threatening users about a DDoS attack on their website.

In this latest spam campaign, the spammer claims to be a hacker owning a huge network capable of a DDoS attack, and threatens users that their website will be brought down with a DDoS attack if they fail to shell out $200. The domain name mentioned in the spam message is legitimate and its registrant dates are old. There are intentional spelling mistakes in the message in an effort to evade content-based antispam filters.

In this targeted attack, the “To” header is an email address provided in the registrant contact details for the domain. And the “Subject” header follows a format similar to “Hosting - Important Updates and Information”, which helps the email to appear as if it has been sent by the hosting service provider.

Below is an example of the spam message:



Attempts of gathering personal information or money by using tactics similar to those mentioned here are very common in scam attacks. Symantec recommends that users ignore emails from unknown senders and use Symantec's message security solutions to prevent being scammed. We are closely monitoring such attacks to keep our readers updated.

A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, it generally consists of the concerted efforts of a person or people to prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely. Perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers. The term is generally used with regards to computer networks, but is not limited to this field, for example, it is also used in reference to CPU resource management.

One common method of attack involves saturating the target (victim) machine with external communications requests, such that it cannot respond to legitimate traffic, or responds so slowly as to be rendered effectively unavailable. In general terms, DoS attacks are implemented by either forcing the targeted computer(s) to reset, or consuming its resources so that it can no longer provide its intended service or obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately.

Denial-of-service attacks are considered violations of the IAB's Internet proper use policy, and also violate the acceptable use policies of virtually all Internet service providers. They also commonly constitute violations of the laws of individual nations.

by Samir Patil
www.symantec.com

0 comments: (+add yours?)

Post a Comment