Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×
Spam Communications The Internet IT

New Flavour of Spam - MP3 Stock Scams 170

Posted by Zonk from the tastes-just-terrible dept.
An anonymous reader writes "Spammers are back with a new trick, this time round sending messages with MP3 attachments that contain the latest pump-and-dump stock scams. One sample identified by Sophos was a heavily distorted 30-second MP3 file. A synthetic female voice was used to promote a particular stock. Says Graham Cluley, senior technology consultant at Sophos: 'Although the spammers seem to have a fair bit to learn about machine-generated sales patter, some companies might consider blocking all MP3s in email as a matter of course. So many music files infringe copyright, and it can be hard for a company to establish which ones are legal and which are not after they have arrived. Blocking MP3s, or at least quarantining until requested by the user, can be a good way for a company to take a proactive stance against the use of email for illegal file sharing. It also has the benefit of neutralizing this sort of spam at the same time.'"
This discussion has been archived. No new comments can be posted.

New Flavour of Spam - MP3 Stock Scams More

New Flavour of Spam - MP3 Stock Scams

Comments Filter:

  • Well hey now (Score:5, Funny)

    by SpiffyMarc ( 590301 ) on Thursday October 18, 2007 @03:32PM (#21030087)
    Let's not get hasty. Some of us rely on those daily pump-n'-dump stock scams to support our families.

    Won't you think of the shady day-traders?
    • 1) Send MP3 of Stock info?
      2) Pump and dump stock
      3) ????????????
      4) Feed the Shady day-traders family.

  • Better idea: block all text in email (Score:5, Funny)

    by Sub Zero 992 ( 947972 ) on Thursday October 18, 2007 @03:35PM (#21030113) Homepage
    Although the spammers seem to have a fair bit to learn about machine-generated sales patter, some companies might consider blocking all text in email as a matter of course. So many text files infringe intellectual property and patented business methods, and it can be hard for a company to establish which words are legal and which lemmas are not after they have arrived. Blocking all letters, or at least the letters J-M and all the vowels until requested by the user, can be a good way for a company to take a proactive stance against the use of email for illegal and/or infringing message sharing. It also has the benefit of neutralizing this most spam at the same time.

    • Re: (Score:2, Funny)

      by arminw ( 717974 )
      ....some companies might consider blocking all text in email as a matter of course........

      We can all go back to hand written letters and slide rules--- well maybe adding machines are OK. Who needs all this new fangled computer stuff. The plain old phones work well for those who can't wait for the mailman. We get lots of paper junk mail also, but at least we get a little heat from that when it is consumed in our wood stove.

    • Re: (Score:3, Insightful)

      by Shakrai ( 717556 )

      some companies might consider blocking all text in email as a matter of course

      You got +5 funny, but you really deserved +5 insightful.

      Seriously. Since when did it become my job as a network admin to "take a proactive stance against illegal file sharing". As long as my users aren't bogging down my network I DON'T CARE WHAT THEY ARE DOING. If they are doing something illegal then I would assume that law enforcement will catch up to them sooner or later.

      Blocking MP3s, or at least quarantining until requested by the user, can be a good way for a company to take a proactive stance against the use of email for illegal file sharing

      Yes, cuz e-mail has displaced P2P/bittorrent as the preferred method for sharing songs and warez. Give me a fucking break!

      • Much less than 1%. Most email systems have an attachment size limit of around 5MB, and it isn't really possible to fit the average music track into that space unless you encode it to a very low quality level. Yes, you can split it up, email the bits separately, and join them together at the other end, but it is much easier to send them by MSN Messenger or similar.

        • Re: (Score:2)

          by Shakrai ( 717556 )

          Much less than 1%. Most email systems have an attachment size limit of around 5MB

          Hmm, I thought the typical setting for that was 10MB? That's what I limit my messages to in sendmail.

          Regardless though, I think we'd both agree that even if you didn't have that limit, e-mail is a piss poor way to transfer large files. By the time the MIME encoding is done the e-mail is probably 30-40% bigger then the original binary attachment. And unless you are planning on using one e-mail to send that file to 200 people (thus moving the workload off to your smtp server) I fail to see any benefits

        • at 128kbps I think you would fit most pop songs in a 5 megabyte attatchment. at 64kbps you would fit virtually all of them.

      • Re: (Score:2)

        by tacocat ( 527354 )

        The interesting aspect to spam that these silly spammers don't seem to realize is that they still can't get around a well designed bayesian spam filter. All you have to do is filter on the tokens and the match /mp3/ will naturally rise to the top with sex, viagra, and other spew. It might take a while to get the filtering to work if you have a history of accepting mp3 files. Otherwise it will take only a dozen.

        I have been using bayesian spam filters as the only means of filtering spam and they always be

    • Re: (Score:3, Funny)

      by brianosaurus ( 48471 )
      No need to block the letters. Just block all 4-letter words. That will keep stock symbols from appearing. As a bonus, it will neutralize most swear words, making email "safe" for children and christians.

      And the best part: the solution doesn't sound like contrived RIAA propaganda. I mean, really. Who ever heard of mp3 files that infringe copyrights?

      • Re:Better idea: block all text in email (Score:4, Funny)

        by Torvaun ( 1040898 ) on Thursday October 18, 2007 @04:46PM (#21031335)

        No need to block the letters. Just block all 4-letter words. That will keep stock symbols from appearing. As a bonus, it will neutralize most swear words, making email "safe" for children and christians.

        And the best part: the solution doesn't sound like contrived RIAA propaganda. I mean, really. Who ever heard of mp3 files that infringe copyrights?
        Turns into:

        No to block the letters. block all 4-letter words. stock symbols appearing. As a bonus, it neutralize swear words, making email "" for children and christians.

        And the: the solution doesn't sound contrived propaganda. I, really. Who heard of mp3 files infringe copyrights?
        Now it matches the spam I get grammatically...
  • So, who thinks the RIAA is behind this?
    • So, who thinks the RIAA is behind this?

      Not a chance. Way too subtle, and thinking too many steps ahead to be a creation of the clumsy, heavy hands of the RIAA.

      Not that they would be above wasting the resources of innocent third parties via illegal pump and dump emails to try to hamper the efforts of copyright infringers, it's just a bit too clever to be their invention.

  • Ugh, please don't block file types... (Score:5, Informative)

    by MightyYar ( 622222 ) on Thursday October 18, 2007 @03:38PM (#21030161)
    I hate when a certain file type gets blocked. Just today I had to rename my exe files so that I could send them in gmail... even though they were zipped! Yes, gmail actually looked inside my zip file to see if there were any exe files...

    So of course, now the instructions to use my script have to include renaming exe files after unzipping.

    • Re:Ugh, please don't block file types... (Score:4, Informative)

      by Constantine XVI ( 880691 ) <trash@eighty+slashdot.gmail@com> on Thursday October 18, 2007 @03:50PM (#21030337)
      Use another archive format (like 7z, RAR, tar.gz, etc.), or rename your .zip to something like .piz. Foils it every time.

    • Re:Ugh, please don't block file types... (Score:4, Informative)

      by necro2607 ( 771790 ) on Thursday October 18, 2007 @03:56PM (#21030421)
      Easy solution, put a password on the ZIP archive. Be sure to check the option "encrypt filenames" as well, if available. :)
      • Long story short, I tried that from where I was and the zip command "did not support encryption" and helpfully recommended that I recompile with encryption turned on :)

        As another poster pointed out, I should have just renamed the zip file to .zippy or something.
      • I developed spam filtering infrastructure a few years back while I worked at an ISP.

        Password protecting a zip archive still allows for a directory listing. Most filterers that reject email based on filename simply preform a zip contents list, and reject based on the results. Most filtering solutions will separately attempt to extract the ZIP for virus scanning.

        Although I don't have any direct experience with it, a zip password and encrypting the filenames you mentioned should allow your email to bypa
        • Well, the reason I told him to turn on the "Encrypt filenames" option is exactly that - even if the files' content is encrypted, the filenames are still listed in there, unless you choose that option. If that option is on, then you can't get a damned thing out of the ZIP without entering the correct password, since it uses what you enter as the decryption key or whatever.

          However, zipping a file just now, I see in WinRAR I'm not given the option to "encrypt filenames" when putting a password on a ZIP. I g

        • Re: (Score:2)

          by Yer Mom ( 78107 )

          Password protecting a zip archive still allows for a directory listing. Most filterers that reject email based on filename simply preform a zip contents list, and reject based on the results. Most filtering solutions will separately attempt to extract the ZIP for virus scanning.

          Zip the files as normal, with an innocuous name like files.zip. Place that file in a password-protected zip file. Job done.

      • Funny. Our ClamAV is set to block encrypted zips for that reason. And yes, I had to deal with asshats sending encrypted zips to our domain with included instructions to infect your PC ("type this number in to see hot naked chicks!!!") once received. If anyone wants us to access executables they will only do so with trusted and verifiable means.

    • Re: (Score:2)

      by jimicus ( 737525 )
      It's a tough call for a mail admin.

      You have the choice of "ban executable attachments" or "increased risk of something making it through your antivirus scanning". Frankly, I think both options are pretty awful. But I would far rather deal with the occasional hacked off user than the aftermath of an executable containing something nasty. I've seen that before and it really isn't much fun, even in an otherwise reasonably well managed network.
      • Except that gmail is blocking OUTBOUND exe files wrapped in zip files! Inbound might make more sense, though it's still wrapped in a ZIP.
        • From Googles perspective, it is inbound.

        • Re: (Score:2)

          by jimicus ( 737525 )
          The reason you might do that is if something gets onto the system through some other vector and you want to prevent it from spreading.

          More of a risk in an environment where people are using ordinary email clients rather than web-based ones, though.

    • Re: (Score:2)

      by slapout ( 93640 )
      Our mail system blocks zips. Even if they're empty. I know. I tried.

    • Re: (Score:3, Interesting)

      by MichaelSmith ( 789609 )

      gmail actually looked inside my zip file to see if there were any exe files

      For one company I exchange email with I have to pgp encrypt most types of potentially executable code, including ksh scripts, then strip the PGP headers and footers and send the raw base64. Its the only way to get it through their mail system.

  • 320Kbps MP3 Spam... (Score:5, Funny)

    by Starteck81 ( 917280 ) on Thursday October 18, 2007 @03:39PM (#21030173)
    ... sound so rich you can almost see the pink and taste the meat.

  • What's the saying about a fool and his money? (Score:4, Insightful)

    by mcmonkey ( 96054 ) on Thursday October 18, 2007 @03:39PM (#21030177) Homepage
    The realize the real victims are the rest of us who suffer the extra traffic on the internet and in our mail boxes, but who is smart enough to check email, play an mp3 file, and have money to lose and yet still be dumb enough to fall for this?

    This isn't a scam, it's economic darwinism.
    • Ahhh, but poor people tend to have MORE kids.

      It is in smart people's best interest to make sure that stupid people are as rich as possible.

  • That Spam won't exist for long (Score:4, Insightful)

    by Opportunist ( 166417 ) on Thursday October 18, 2007 @03:42PM (#21030233)
    Unlike pictures or HTML, people don't usually get a lot of MP3s via mail. Companies, like the article said, don't at all. People usually either use FTP or P2P access to get their MP3s illegally or through iTunes or similar services legally. And if they don't know what an MP3 is, they won't see (or hear, in that case) the spam at all, afaik there's no built-in support for MP3 in the various mail programs (and if there is, that's at best a reason NOT to use a certain mail client).

    So I'd guess this is a short lived problem.

    • Re: (Score:3, Interesting)

      by LWATCDR ( 28044 )
      Yea I wondered why I got an MP3 in my email this morning. I thought it was probably some new buffer exploit that I hadn't heard of yet. Dang I wish I had listened to it now.

      • Re: (Score:2)

        by xaxa ( 988988 )
        I got one this^W^W^Wyesterday morning too. It was called allineed.mp3. I tried to listen to it, and with my volume set to about 50% of maximum (on *big* speakers, I didn't dare go any further -- I had my music playing very loudly with 15%) I could just about hear a woman talking.

        (I say I got one, I actually got the same one 6 times to 3 mailing lists I adminster.)
    • I just checked. Lotus Notes does support MP3s. I don't know if they use the codec from the OS or if they implement their own, but when you say to view the file, it opens a new tab and plays the MP3.

      Why you would thank that supporting file types would mean that you should not use an application is baffling.
      • Why you would thank that supporting file types would mean that you should not use an application is baffling.

        For the very same reason I don't want mail programs to support scripting or other "active" things. It's not necessary, serves pretty much no sensible purpose and a potentially large security hole.

        A mail program should enable me to transfer mails. Possibly with attachments (although that's something it was never designed for nor is suited for). I can see that in a corporate environment cooperative too

        • Re: (Score:2)

          by Belial6 ( 794905 )
          "But can you show me a single sensible application of MP3 support in a mail program?"

          Unified Messaging.

    • Re: (Score:2)

      by Nezer ( 92629 )

      afaik there's no built-in support for MP3 in the various mail programs (and if there is, that's at best a reason NOT to use a certain mail client).

      I disagree. Apple Mail supports inline media attachments supporting everything Quicktime does. I find the mp3 an excellent way to attach voicemail to email and use it all the time. if a particular mail client doesn't support inline mp3s, to me this is a reason *NOT* to use it! It's very nice to manage voicemail with the exact same tools as email.

  • Are they pumping Aperture Science stock?
  • If they'd just block any e-mail with headings containing "penis" and "enlarge" half my spam would go away. I think I can survive loosing the odd e-mail a friend sent me about how he enlarged his penis.
    • You probably get some legitimate email about people enlarging other things, so I guess it is just penis you need to enlarge, and of course all the variations in spelling of it, and all the other words used to describe the same thing.
  • I thought the 419 stuff was lame. I'm amazed that anyone would actually invest in a stock based on a spam message. Is the pool of idiots with investment dollars actually big enough to allow the spammers to make money?

    • No one "falls" for it. (Score:5, Insightful)

      by khasim ( 1285 ) <brandioch.conner@gmail.com> on Thursday October 18, 2007 @03:51PM (#21030353)
      But there is a group of people who THINK that they can ride on the scammer's pump-n-dump scheme and make some money on the up-side of the pump.

      These are the people who know it's wrong and don't have the guts themselves to run a stock scam ... but feel okay about trying to make some money off of one.

      I didn't say they were very smart.

      • Re: (Score:2)

        by joe 155 ( 937621 )
        I'd be interested to know if you could make money on the "up-side", I suspect that you could but probably wouldn't try because it seems like a lot of effort for a fairly small reward and I assume that it is illegal (and probably fairly easy to get caught).

        But what I wanted to pick up from your post was "These are the people who know it's wrong" - I don't really get why it is considered immoral by people who play the game anyway. I understand the argument that capitalist accumulation is inherently immoral

        • Re:No one "falls" for it. (Score:5, Informative)

          by jonbryce ( 703250 ) on Thursday October 18, 2007 @06:05PM (#21032477) Homepage
          They pick small caps where there is very little active trade, and it can take weeks / months to sell the stock.

          They buy a load of them at the normal price over a period of time, then sell them at an inflated price to the people they spam. By the time they send out the spam, the price has gone up, and it is already too late to profit from the upside.

    • Re: (Score:2)

      by Dunbal ( 464142 )
      I'm amazed that anyone would actually invest in a stock based on a spam message.

      But it's so cheap! I can buy 100,000 shares!!! When it goes up just a dollar, I'll be RICH! /sarcasm

      Is the pool of idiots with investment dollars actually big enough

      History has shown that the pool of stupid people with money is bottomless. In fact, we can all take turns once in a while. You want to be next? :)
  • Maybe sometimes it is better that Linux doesn't have such a great market share.

  • Why are they really doing it? (Score:4, Insightful)

    by scottsk ( 781208 ) on Thursday October 18, 2007 @03:47PM (#21030305) Homepage
    "...it's hard to believe that many internet users will fall for such an amateurish presentation..." Surely not, which leads to the real question of why spammers are doing it. No one who retains their services could be dumb enough to believe this would work. (In fact, the WSJ once built a portfolio of penny stocks that were spam targets, and they didn't even see a "pump" in value, just a decline.) This is an area where I'd like to see some investigative reporting done by a tech savvy reporter who could find out who these spammers are and who bought their services. To waste bandwidth? To distract us from other spam that's smaller but more accurately targeted? Defamation of a company by rivals? Getting into the spam underworld would be risky (one spammer died in a spam turf battle recently) but it would be interesting to know who buys the services of these spammers for these PDF, MP3, image, etc spams and why they're doing it.

    • Re: (Score:2, Informative)

      by Anonymous Coward

      In fact, the WSJ once built a portfolio of penny stocks that were spam targets, and they didn't even see a "pump" in value, just a decline.

      According to some analysts, that is in fact the intention. The Spam is not meant to artificially inflate the price for a short time, but rather to depreciate the stock. Not so much to ruin the target company, but rather because the spammers can short the stock and make a bit of money on the short-term depreciation.

      I'm not sure if it's true or not... but I must admit

      • Re:Why are they really doing it? (Score:4, Informative)

        by larry bagina ( 561269 ) on Thursday October 18, 2007 @04:24PM (#21030925) Journal

        Not this shit again...

        You can't short a penny stock.

        Here's a dumbed down guide to how shorting works:

        1. You borrow stock from someone else
        2. You sell it
        3. ???
        4. Profit! (buy it back at a lower price and return the shares)

        If you want to borrow a NYSE/NASDAQ stock, your broker will be happy to help (they charge interest and take the shares from another person's account). But if you ask about borrowing a penny stock, they'll tell you to fuck off.

    • Probably they see other spammers doing it and think there must be money to be made out of it?
  • I had never received one of these .mp3 spams. Until I read this story. The very next email I received was, sure enough, an .mp3 pump-and-dump.

    At least, that's what I assumed. The filename was gloriaestefan.mp3 but I didn't listen (duh), so I can't be certain.

    • Re: (Score:2, Funny)

      by JK_the_Slacker ( 1175625 )
      Geez, you finally release a product, and people complain that they weren't on the beta testing team.
    • Holy crap, no way??

      *checks email* ...

      Damn, one newsletter, one real message, no mp3 spam :(

    • gloriaestefan.mp3?

      One-two-three-four, come on baby check your email, five-six-seven times...

    • Re: (Score:2)

      by xaxa ( 988988 )
      If it's anything like my first MP3 spam (received yesterday, but it's only 00.54 here) the sound is so distorted and the recording level so low, you wouldn't have heard anything anyway.

  • VOIP? (Score:5, Interesting)

    by Anonymous Coward on Thursday October 18, 2007 @03:50PM (#21030325)
    Well hold on there, I've got a nice new shiny VOIP line at home, guess how the answering service works? That's right, MP3s in my email...
    • Most VOIP as well as many new phone switches have this function. In fact I haven't looked at a solution that doesn't offer mp3 email attachements of voicemails. Blocking MP3s in emails is a really dumb idea. This article had to be written by the RIAA.
  • I cannot find more details...

    Maybe there's more to this than meets the eye? WinAmp (still widespread) has had multiple arbitrary code execution vulnerabilities in the past, through ID3 tags, the mp3 stream itself, etc. I wouldn't be surprised if someone found similar things in iTunes or Windows Media Player as well.

    Are those mp3s sound recordings only?
    • The other day, I picked up the ' telephone ' and a voice on the other end advised me to invest in a South African diamond mine, well next thing I know, I re-mortgaged the house and gave the lot to this anonymous voice over the phone. When will Sophos provide a solution to protect me from the ' telephone ' ...

      must invest .. the VOICE says so .. must invest ...

      was: Re:mp3s with payload?

  • What I want to know... (Score:3, Interesting)

    by JK_the_Slacker ( 1175625 ) on Thursday October 18, 2007 @03:56PM (#21030433) Homepage
    ... is how they'll manage to misspell the words in an mp3?

    • Re: (Score:2)

      by HTH NE1 ( 675604 )

      What I want to know... ...is how they'll manage to misspell the words in an mp3?
      I have heard people mispronounce "lose" and "loose".

      I've also heard people make statements with a questioning inflection.

  • The RIAA is behind this... (Score:5, Informative)

    by brundlefly ( 189430 ) on Thursday October 18, 2007 @03:57PM (#21030451)
    Strap on your tinfoil hats, gents. The RIAA stoops to a new low... poisoning the well for all of us who love to email terabytes of illegal MP3s to our co-workers.
  • Blocking MP3s, or at least quarantining until requested by the user, can be a good way for a company to take a proactive stance against the use of email for illegal file sharing.

    Ya, sounds like a huge problem facing companies today. Tech journalism rocks sometimes.

  • New setting needed (Score:3, Insightful)

    by gurps_npc ( 621217 ) on Thursday October 18, 2007 @04:00PM (#21030521) Homepage
    We need a setting to block all mail that has an attachment that is NOT on your contacts list, with an auto-reply explaining this. They sender would then know to send a normal email first, requesting that you put them on your contact list.

    • Re: (Score:3, Insightful)

      by T-Bone-T ( 1048702 )

      They sender would then know
      that the address works and will then sell it to other spammers, thus vastly increasing the amount of spam you receive. Real smart.

      • Re: (Score:2)

        by HTH NE1 ( 675604 )

        They sender would then know

        that the address works and will then sell it to other spammers, thus vastly increasing the amount of spam you receive. Real smart.

        I already get spam to 133 user accounts at my domain that have never responded to a spam, not including minor variations on some usernames with added or deleted characters, start with a digit, or contain more than two consecutive digits in the username. (The majority are now usernames a spammer used when sending mail forged as being from my domain.)

        Sometimes I think that maybe if my domain didn't look like it was a catch-all and had instead bounced those first e-mails addressed to users like a1aaa1azzzz1z

        • Sometimes I think that maybe if my domain didn't look like it was a catch-all and had instead bounced those first e-mails addressed to users like a1aaa1azzzz1zaaaaa, catchthismail, and thisisjusttestmessageatall at my domain maybe it would have been less of a target for forgery and spam today.

          Don't count on it. I religiously bounced non-account mail for the first 3 years of my current domain. It's made 0% difference. I do roughly track the non-account names. Many are simply random gibberish, and those

      • You actually think this would affect the amount of spam you get? Or that spammers actually check the replies they get? Sorry but in my experience neither of those things are true. Spammers do NOT have a problem getting 'confirmed workable emails'. Nor do they do crap with your replies. Yeah, I was real smart. You apparently need some real world experience.
  • It was pushing some uranium-mining company in Canada or something. No real contact info on it. Lord knows how I got on that list - probably one of the e-merchants I bought laptop parts off of in the last few weeks.
  • If only they would use actual copyrighted MP3s when sending their spam*. I'd love to see the eventual RIAA-spammer fight. No matter who loses, we'd win.


    *I could actually see this happening, if spammers start luring in users by harvesting random MP3s found on botnets and appending their audio spam to the end of the file.

  • I think satan just spoke to me, pump-n-dump porn (Score:4, Funny)

    by jollyreaper ( 513215 ) on Thursday October 18, 2007 @04:09PM (#21030673)
    Ok, you know that ramen noodle commercial where we see this hawt japanese chick bobbing her head up and down, slurping on something that's just below the bottom of the screen, we all think it's wang but we then see it's an instant ramen cup? Just imagine if it wasn't ramen and the symbol of the stock in question was written on her forehead. Five minutes of knob-slobbing action, brought to you by the fine folks at ABC Corp. Spam this out to a hundred million people and just see the results you'll get!

    Wow, that spam plan is so evil, I think the Russian mafia is coming to kill me.
  • It's a pretty dubious practice to determine legality and spaminess of content by file type. I am sure it will not take spammers long to send wav, wma or aac promotions instead. In the meantime, file shares can trade mp3.bz2 files. Already we have to send .zippy attachments to each other here because all zip files are blocked as virus carriers.
  • Besides the fact that such attachments are easy to identify and block, like the image span became, the problem for spammers is the reduced rate of return. The bigger the attachments they send out, including PDFs and Excel spreadsheets, which have take over for image span lately, the fewer they can send out with whatever bandwidth they've managed to steal with their botnets.

    This reduces their rate of return on the spam, and encourages them to try to find ways to minimize the size of the spam so it can get th

    • Re: (Score:2)

      by Alioth ( 221270 )
      Actually, it doesn't go right through spam detectors, it gets caught by the URLBLs (that have been going already for a couple of years). SpamAssassin has become a LOT more effective since the spammers switched to URLs. Although I get more spam sent to me (up from about 100 a day last year to 250 a day now), about 40 a day this time last year got through the filters - generally less than 10 a day are getting through now thanks to the URLBLs and the ease of filtering bad URLs.

  • Got one (Score:4, Funny)

    by HTH NE1 ( 675604 ) on Thursday October 18, 2007 @04:18PM (#21030855)
    I received one of these, except instead of a stock spam, it was some annoying woman repeating over and over, "What the fuck do you think you're doing?"
  • I remember sound ads in emails years ago, thats why i now leave my speakers off unless i want to listen to something.

    It also eliminates the nosies people stick on webpages as well.

  • I never understood how image spam, and to some extent even HTML spam, lasts so long without being quickly crushed by filters. An email that has any sort of attachment (sheesh, even a PGP/MIME signature) is either spam, or it's from someone I know (i.e. whitelisted).

    Countering audio attachments should be absolutely trivial if you have a filter, and it's hard to imagine that anyone is able to use email without a filter these days. If it has any attachment and it's from someone you've never corresponded wit

    • Yes. lets drop emails that have mp3s attached with an extremely low bitrate, especially if there is no english words found in the message body. (meaning at least some percent of the words need to be spelled correctly)

    • I tend to go even further: if it's got an attachment and I'm not expecting a specific attachment from that particular sender at that time, it's spam. A lot of viruses send to addresses in the local address book, so just because I know the sender doesn't mean they haven't gotten infected and it's the virus sending me spam/malware. So my policy is that if people want to send me files they can either put them up on a server and send me the location so I can download it, or they can contact me beforehand and fi

  • Got a bunch today (Score:3, Insightful)

    by GoRK ( 10018 ) on Thursday October 18, 2007 @06:57PM (#21033141) Homepage Journal
    I got three or four of these today. I think they will be a pretty short lived trend for a couple of reasons:

    You can't understand it. Think a million times worse than Max Headroom on a cell phone. It's so noisy and distorted that you can barely make out that it is a female voice much less interpret the stock symbol she is attempting to SPELL! I have a nice noise canceling headset for my phone and still have to use the phonetic alphabet to spell things on the phone. How do they expect this to work?

    They are huge. Mine passed my spam filter simply because I've never had a spam bigger than 100KB, so I haven't ever bothered to filter them. I guess things like the Storm botnet are changing the limits of this, but still, 100KB is 10-100 times the amount of data vs a normal spam that you have to send out to plaster your message onto everyone's inbox.

    The real take-home message here is that while there is quite a lot of mention about how the spammers are 'having to get innovative' the reality is that they are having to get desperate. There is no innovation in sending a unique audio message to somebody via email. But when they have to bypass all existing spam filters in addition to having to resort to sending out huge, uniquely distorted audio files to get their message across they are definitely feeling cornered.
  • "Spammers are back with a new trick, this time round sending messages with MP3 attachments that contain the latest pump-and-dump stock scams .." Says Graham Cluley

    Anyone who responds to such scams is obviously too dumb to be allowed possession of money, it's best to have them taken out of the economy ..

    "These are not attacking any kind of vulnerability in the computer"

    "They are attacking the vulnerability of people's brains [gss.co.uk] " [Graham Cluley - Sophos] May 2004
  • "Brett Jolly said he planned to have an accredited gemmologist verify within 48 hours whether the gem was a diamond [news24.com]."

    "We put it on a garage grinder and the thing won't scratch, so what can it be?"

    "The huge stone, which was believed to be the world's largest diamond, is a fake .. Jolly .. confirmed that he had tested [fin24.co.za] the alleged diamond in the company of a journalist on Thursday"

    Like why don't he hand it over to De beers and have them test it, before calling for 'investors' in his diamond mine, wher
  • I use Ubuntu out of the box, so I can't play your mp3 SPAM!


    See, you can work Ubuntu into ANY comment. Try it, it's fun.

Slashdot Top Deals

A morsel of genuine history is a thing so rare as to be always valuable. -- Thomas Jefferson

Close