MSNBC Spam-O-Rama
Just when you thought it was safe to look in your in-box again, a new wave of malware spam has arrived. Lucky us.
This morning I found my Gmail spam box stuffed with "BREAKING NEWS" purporting to be from MSNBC. Headlines have ranged from the semi-plausible: "McCain Plans Vietnam Campaign Tour;" to the unlikely, "Nation Morns the Tragic Loss of Britney Spears;" to the utterly unbelievable: "Paris Hilton Lectures on Dickens and Dostoevsky." For more, much more, you can see a listing of spam subjects used to date on the MSNBC.com Spam page.
If this sounds familiar, it should. In early August, a flood of similar spam messages poured out. These pretended to be from CNN and also had over-the-top headlines with links to bogus sites. Once there, you'd get a message telling you that you had to upgrade your Adobe Flash Player. If you'd gone that far, your only choice was to either download the "Flash Player," which was actually one of several malware packages, or quit your browser.
This is a replay of the same malicious spam game. As a Linux user, it doesn't do anything to me except fill up my inbox with junk. For naïve Windows users, though, it's a real threat.
I'd like to think that people are bright enough to avoid this kind of threat. But, in a world where people really are dumb enough to send their personal financial information so they can get "The Ministry of Finance of the Federal Republic of Nigeria to the release of your fund ($25 000, 000, 00) which has been delayed," you really can't expect them to let installing a new version of Flash stand between them and seeing "Scarlett Johanssen nude video."
More to the point, this kind of spam uses three different ways to tempt you into downloading their malware. First, it appears to be from a trusted, or at least known, source. Chances are you'd ignore a news message from some site you'd never heard of, but you already know CNN and MSNBC.
Next, the subject line sounds like it might be true and it also sounds interesting. Heck, maybe McCain would visit Vietnam. Obama's world tour certainly got him attention, but for McCain to go back to where he had been a POW would be even more newsworthy. And, as for Scarlett Johansson, well, sex always sells, and when does a week go by without some salacious celebrity news?
Finally, if you use Flash, or many other media players, you're already used to getting the occasional message telling you that you need to upgrade your player. Put all three factors together and the only thing that's really surprising is that more people have fallen into this new trap.
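The first and third of those lures can be checked mechanically. The sketch below is an added example, not part of the original column: the brand-to-domain table, the adobe.com allow-list, and the sample message and landing page are all assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urljoin, urlparse

# Assumption: the domains each impersonated brand legitimately uses.
BRANDS = {"msnbc": "msnbc.com", "cnn": "cnn.com"}
PLAYER_VENDOR = "adobe.com"  # assumption: the only genuine source of Flash installers
HREF = re.compile(r'href="([^"]+)"', re.I)

def under(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    host = (host or "").lower()
    return host == domain or host.endswith("." + domain)

def check_message(raw):
    """Flag mail that names a known brand but is sent from, or links to, another domain."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    # Sample bodies here are unencoded; real mail may need transfer-decoding first.
    body = "".join(p.get_payload() for p in msg.walk() if not p.is_multipart())
    hosts = [urlparse(u).hostname for u in HREF.findall(body)]
    flags = []
    for brand, domain in BRANDS.items():
        if brand in display.lower():
            if not under(addr.rpartition("@")[2], domain):
                flags.append("forged-sender")
            if any(not under(h, domain) for h in hosts):
                flags.append("off-brand-link")
    return flags

def check_landing_page(page_url, html):
    """Flag a page that asks for a Flash upgrade but serves the installer itself."""
    if "flash player" not in html.lower():
        return []
    for href in HREF.findall(html):
        target = urlparse(urljoin(page_url, href))
        if target.path.lower().endswith(".exe") and not under(target.hostname, PLAYER_VENDOR):
            return ["fake-player-update"]
    return []

# Constructed samples; example.net stands in for the bogus site.
SAMPLE_MAIL = '''From: "MSNBC Breaking News" <alerts@mail.example.net>
Subject: BREAKING NEWS: McCain Plans Vietnam Campaign Tour
Content-Type: text/html

<a href="http://video.example.net/watch.html">Watch at msnbc.com</a>
'''
SAMPLE_PAGE = '''<p>You must upgrade your Adobe Flash Player to watch.</p>
<a href="/get/flash_update.exe">Install now</a>'''
```

The second lure, the tempting subject line, is deliberately left out: it is the one the spammers change with every run.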
As Richi Jennings, an industry analyst and the culprit behind Computerworld's own IT Blogwatch, says, "This technique of forging legitimate newsletters has been tried before. In 2007, we saw several other victims, including such newsletters as Electronic Arts, the Sci-Fi Channel, and foodingredientsfirst.com."
Jennings continued, "It just goes to show that spammers continue to try new techniques to get through filters, or try to improve on old techniques. Despite several high-profile prosecutions of spammers, the temptation to spam is still there, driven by the promise of illicit financial gain."
"Thankfully, today's state-of-the-art filters aren't so dependent on content to make their spam/ham decision. The combination of other techniques -- such as sender reputation, receiver reputation, greylisting, tarpitting, and server fingerprinting -- means that this sort of spam rarely gets seen by users. Of course, if you're seeing forged MSNBC in your inbox, perhaps it's time to get a new spam filter?" concluded Jennings.
This is one of the reasons why I'm planning on giving my mother-in-law an Ubuntu Linux laptop soon. She's a sweet, bright lady, but she's also trusting and not at all Internet savvy. Even with the top Windows anti-virus software and spam filters, she'd have to keep them up to date, and eventually something would come through. With a Linux laptop, though, she could click on every malware link that comes her way and she won't get a bug.
We'll never completely stop spam and malware. And, eventually, someone somewhere will come up with a viable Linux virus or malware, but, for now, the best thing to do to stop malware from personally annoying you is to switch to Linux. Short of that, Windows users should continue to keep their protection software updated and be very, very suspicious of any e-mail that sounds a little too 'interesting.'
