Yahoo! Messenger Spam: Hacking or Malware? – Update
Here’s an update on my previous post regarding the diet pill spam lurking on Yahoo Messenger (and, as I researched, on other IM networks as well).
After further research: according to the CA Security Advisor Research Blog, this is actually a phishing scam.
I never clicked the links included in the spam I receive. But as the article indicates, the links in the spam (each message might contain a different link) point to a single IP, which hosts a website about the pills offering a free trial of the popular fruit. However, upon checkout, it does not use “https://” (secure HTTP), which definitely means phishing. So if the unfortunate victim clicks submit, his credit card information will be sent to someone who can then use it for fraud.
So how does this spam work? This is only my theory. Either malware on our computers, or on a computer at some net cafe we went to, was able to capture our username and password. Due to reports that the spam is received from clients that are “logged off” from Yahoo (which is my experience), I believe that a certain spambot on some server (maybe the same server as the phishing website) logs in using the username and password, sends a buzz to the poor client’s contacts, then sends the spam message with the link. So the unsuspecting recipient thinks that the message is legitimate, clicks the link, is attracted by the offer (since Acai berry was really promoted by Oprah Winfrey and Rachael Ray), takes the trial, fills in the credit card info, and hits submit, and his/her credit card details are now in the hands of the criminals for their use.
Some possible but reasonable tips on how to avoid/solve this problem (take note, this might not solve the problem, but you won’t lose anything if you try):
- Update your operating system, software, etc. with the latest patches from the manufacturers.
- Update your security software's (anti-virus) virus definitions.
- Do a regular (on your own terms :)) full system scan.
- Don’t trust files from the internet (unless you are sure, don’t run or install).
- Change your YM password.
- Inform your friends who are sending the spam to do the same thing.
I have already changed my password and will be monitoring whether anyone still receives a message from me.
Notes: (from www.wikipedia.org)
Spam – a collection of unsolicited bulk electronic messages.
Phishing – the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.
Acai Berry (açaí palm) – a member of the genus Euterpe, which contains 8 species of palms native to tropical Central and South America, from Belize south to Brazil and Peru, growing mainly in floodplains and swamps. Recently, the açai “berry” has been touted and marketed as a highly beneficial dietary supplement. Companies sell açaí berry products in the form of tablets, juice, smoothies, instant drink powders, and whole fruit.
There can never be a “spam free world”, but at least we can do something to minimize it.


