It seems like the spammers never get bored and they are
always looking for new methods to annoy you. We had the classic spam, the image
spam, the spam that used PDF files or Excel files and now, according to several
security companies, the spammers have developed the audio spam.
The method is simple. Spammers are sending e-mails with MP3
files attached that usually have appealing names such as aguilera.mp3
llcoolj.mp3, elvis.mp3 or beatles.mp3.
When the user opens the attached file instead of music, it
plays a message that this is an 'Investor Alert', and then promotes a company
and stock symbol - a classic 'pump and dump' scam.
The voice on the MP3 file, which is randomly altered in an
attempt to avoid detection by anti-spam filters, says the following:
“Hello, this is an investor alert
Exit Only Incorporated has announced it is ready to launch
its new text4cars.com website, already a huge success in Canada, we are expecting amazing results in the USA.
Go read the news and sit on EXTO. That symbol again is EXTO.
Thank you”
Exit Only, Inc is a company listed on Pink Sheets that runs
a website marketplace for new and used motor vehicles. Some of the MP3 files
repeat the message twice, rather than once.
"Users may click on the MP3 file expecting to hear
Elvis, but they'll be all shook up when they discover it's actually a voice
resembling Marvin the Paranoid Android droning on about a stock that is set to
be the next big thing," said Graham Cluley, senior technology consultant
for Sophos. "The spammers are already likely to have purchased stock on
the cheap, and they are now trying to artificially inflate its price by
encouraging others to purchase more. Once the stock rises, they'll quickly sell
up, leaving the duped investors crying in the chapel. Thankfully though, it's
hard to believe that many internet users will fall for such an amateurish
presentation of an 'investor alert'."
The anti-spam solutions company Mail-Filters.com said that
the current distribution of spam that is attaching MP3 files accounts for less
than 3% of the total spam distribution. But, unlike the other spam methods, the
audio spam can be more dangerous due to the size of MP3 files and it can clog
email servers and a company's bandwidth very quickly.
The security experts said that the companies might consider
blocking all MP3s in email as a solution to this kind of spam.
So, until the security companies will develop new methods to
detect the new spam method, you just follow an old good advice: “Don’t click on
everything you see in your e-mail”
