Spammers Tempt Surfers to Help Solve Captchas
Call it an online game of strip poker, only spammers are the ones walking away with all the winnings.
The latest innovation in malicious software takes the form of shapely "Melissa," an alluring, scantily clad blonde who requests the victim's assistance in disrobing her. In this particular scam, which relies on a piece of malware that anti-virus firm TrendMicro identifies as TROJ_CAPTCHAR.A, an additional article of clothing comes off each time the user helps her solve a CAPTCHA.
CAPTCHAs, or "Completely Automated Public Turing test to tell Computers and Humans Apart," are those squiggly agglomerations of letters and numbers that free Webmail providers such as Yahoo! require the user to interpret and type in before being allowed to open a new e-mail account. The Webmail providers use CAPTCHAs to stop spammers and other bad guys from using automated processes to create hundreds or thousands of fake accounts. Those new accounts, of course, are not yet flagged by anti-spam filters, so they give spammers a fresh platform from which to deliver their garbage.
The images served by the "Melissa" malware are real CAPTCHAs generated by Yahoo!'s Webmail registration process. As a result, each time a victim removes another article of clothing from her, spammers responsible for distributing the malware are able to create yet another Yahoo! account.
According to TrendMicro, the program that generates Melissa is downloaded onto a user's computer by other malware -- a bot or another bundle of adware/spyware. This malware is completely unrelated to the infamous Melissa worm of 1999.
The tactic employed by Melissa, while fascinating, is hardly new. A few months back, I learned of similar activity from security experts at BitDefender, an anti-virus company based in Romania.
BitDefender had spotted a piece of malware it labeled "Trojan.Spammer.HotLan," which apparently used similar methods to solve between 400 and 500 CAPTCHA requests per hour, with the CAPTCHAs taken from the Hotmail, Gmail, and Yahoo! registration pages and the solutions used to create new Webmail accounts.
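The relay described above turns each victim into a CAPTCHA solver for a single source, so the tell-tale sign on the provider's side is volume: hundreds of correct solutions per hour arriving from one client, far beyond what a person registering an account produces. Below is an added detection example (my code, not Yahoo!'s, TrendMicro's or BitDefender's) that runs a sliding-window velocity check and a single-use-token check over a constructed registration log; the log format, the IP addresses, and the 100-per-hour threshold are assumptions, and the 450-per-hour sample rate mirrors the HotLan figure in the post.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

def build_sample_log():
    """Constructed log, one line per CAPTCHA answer the registration page received:
    <ISO timestamp> <client ip> <challenge id> <ok|bad>. One relay-fed source
    solves 450 in an hour (the HotLan rate cited above); five ordinary users
    register once each; one challenge token is replayed from a second client."""
    start = datetime(2007, 10, 30, 10, 0, 0)
    lines = []
    for i in range(450):  # farm: one correct solution every 8 seconds, same IP
        ts = start + timedelta(seconds=8 * i)
        lines.append(f"{ts.isoformat()} 198.51.100.7 farm{i:04d} ok")
    for i in range(5):  # legitimate users: one registration each
        ts = start + timedelta(minutes=10 * i)
        lines.append(f"{ts.isoformat()} 203.0.113.{i + 1} user{i:02d} ok")
    lines.append(f"{start.isoformat()} 203.0.113.9 user00 ok")  # replayed token
    return lines

def parse_line(line):
    ts, ip, challenge_id, result = line.split()
    return datetime.fromisoformat(ts), ip, challenge_id, result == "ok"

def find_abuse(lines, window=timedelta(hours=1), threshold=100):
    """Return (offenders, replayed).
    offenders: ip -> peak number of accepted solutions inside any sliding
    window of the given length; threshold is an assumed tuning value.
    replayed: challenge ids accepted more than once, which a single-use
    challenge token should have made impossible."""
    recent = defaultdict(deque)  # per-ip timestamps still inside the window
    peak = defaultdict(int)
    seen, replayed = set(), set()
    for ts, ip, cid, ok in sorted(parse_line(l) for l in lines):
        if not ok:
            continue
        if cid in seen:
            replayed.add(cid)
        seen.add(cid)
        q = recent[ip]
        q.append(ts)
        while ts - q[0] >= window:  # evict events that fell out of the window
            q.popleft()
        peak[ip] = max(peak[ip], len(q))
    offenders = {ip: n for ip, n in peak.items() if n >= threshold}
    return offenders, replayed

if __name__ == "__main__":
    print(find_abuse(build_sample_log()))
```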
By Brian Krebs | October 30, 2007; 10:20 AM ET
Fraud, From the Bunker, Misc., Safety Tips
Wow, that's clever. How do you think the webmail services will respond?
Posted by: William | October 30, 2007 11:44 AM
Personally, I think my photo on the WaPo is better than hers. Click on it and see for yourself. LOL
Posted by: brucerealtor@gmail.com | October 30, 2007 12:35 PM
Clever is right.
The cell phone industry had sort of the same problem in its infancy. The first call you made with the phone had to be from your coverage area. If you didn't, the phone was assumed stolen. To get around this, the first-time user should have to phone home, as it were, the first time. Any subsequent requests must come from the same ISP or the account is deemed hijacked.
Posted by: GTexas | October 30, 2007 4:54 PM
What will they think of next? I suppose it's only a matter of time before spammers figure out a way to slice up elements of a crime and distribute the actions to horny men, or participate in a DNS attack, or launch hacks.
Posted by: Mark | October 30, 2007 11:40 PM
Never underestimate the willingness of teenage boys to see the state of a woman in undress...
I have to say this is a great, off-the-wall solution to the CAPTCHA problem from the spammers.
Posted by: Toby | October 31, 2007 5:00 AM
You'd think that with all the porn freely available on the net, this scam would have a hard time drawing attention to itself.
Posted by: Robert | October 31, 2007 6:50 AM
Hardcore porn is readily available on the Internet. Why someone would spend several minutes trying to see a woman's breast is beyond me, unless it's pre-teens.
Posted by: Jabreal00 | October 31, 2007 8:59 AM
I think it ties into a deeper psychological need. True, a young male could turn to any porn site to get what he wants for free, but this trick is effective for a slightly different reason: in a strange way, the user feels somehow like he has "earned" the right to see the girl undressing. It's the same reason why video strip poker games continue to flourish. The young male "earns" the right to strip the girl, thus enhancing his male ego.
It's very subtle, but very effective, I'm sure...
Posted by: jkurrle | October 31, 2007 3:15 PM
The question is, are the perpetrators of this scam clever enough to have their script TEST EACH CAPTCHA as soon as it is entered? I suppose so, or people would learn to enter random junk pretty quickly. But I'd bet that if you didn't verify, you'd still get a pretty good return rate, so it might not be worth the time to do the extra programming.
Posted by: Max H. | October 31, 2007 3:28 PM
This is indeed rather clever; I wonder if the people who came up with the idea were inspired by the Google Image Labeler idea.
http://www.sciencetext.com/google-image-labeler.html
db
Posted by: David Bradley | November 5, 2007 4:37 AM