Are you a “malware” mule?

May 2nd, 2010

Someone’s using you to carry their stuff and you’re not even getting paid!
If your friends complain that they are receiving strange emails from you, you have probably been converted into a ‘malware mule’, meaning you are now an animal who distributes advertising and other ‘bad’ emails on the web. You are one of thousands of ‘malware mules’ whose e-mail account details and passwords are available on the black market for between $1 and $20.

Online address book
Payment of this trifling sum gives anyone access to your entire online address book and thus the opportunity to send out messages masquerading as friendly communiqués from some sexy sounding woman that begin with the words “Hello Dear” before immediately segueing into a sales pitch for a popular brand of training shoe, pills, pirated software and may other products. The evil masterminds behind all this presume, quite rightly, that we’re more likely to open messages from people who are embedded within our address books – even if the subject lines of their e-mails are suspiciously reminiscent of spam, eg, “you’ll be the super lover”.

Spam filters
Not only that, the message is far less likely to be rejected in the first place by spam filters, which are, thankfully, getting better at rejecting random missives from non-existent humans advising us of tempting ways to boost our flagging sexual appeal.

Spam
This hijacking of e-mail accounts is just one contributory factor towards the ever-increasing level of spam that mail servers have to deal with: up six percent in the first three months of this year, over the same period in 2009.

More than addresses
Spam is only one of the problems faced by the malware mules. We store all kinds of personal information in our webmail. Login details to various websites, including online banking and credit card sites, can get lodged in online inboxes without us even thinking; perhaps we’ve sent them to a trusted friend so we can access said sites on their computer, or just e-mailed them to ourselves as a reminder. But once we’ve done that, they sit on the e-mail server for perpetuity – unless we delete them – and the only barrier to their being accessed is the guessing of one password.

Passwords
A recent analysis of breached passwords showed that hundreds of thousands of people worldwide still consider the password “123456″ to be a pretty clever security device. It isn’t. Security software firm Symantec has just highlighted this issue in one of its regular Internet Security Threat Reports.

Lucrative trade
Cyber crime has recently overtaken the international drug trade as the most lucrative illegal global business, we’d do well to take Symantec’s advice, change our passwords, and stop using our e-mail accounts as pathetically insecure filing cabinets. Another example of malfunctioning security was exposed last week, when Apple inadvertently revealed its new iPhone model about three months early, thanks to an employee who went out for the night and left it on a bar stool. Anything can happen.

This entry was posted on Sunday, May 2nd, 2010 at 3:56 am and is filed under Personal / Internet. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

Click here to cancel reply.

Name (required)

Mail (will not be published) (required)

Website