For long time spam companies have received nothing but support and respect from e-mail users around the world. This is why we have seen could be so many attempts from scammers to trick the innocent site owner. This has now become a popular way of making money through some internet companies. Looking at the patterns of the scams we can say that they are following some type of pattern. The pattern for this attack is clearly stated in the e-mail which is provided below:
SimplicityThe idea of this attack is to make the web-server more simple in it’s functionality so that it can be easily compromised. We can see an example in the below example. A web server receives a “friends” message and it is easy to identify from the context that the message was sent from. However, if the same message were to be sent from a “field” that is not associated with a friend then the web server would be compromised. The simple fact is that if a malicious user wants to compromise a web-server, all he has to do is send a “friends” e-mail which don’t belong to any friend and it will be accepted. The web-server will be compromised immediately.
AcceptanceOf course, this only works if the unsuspecting web-user opens the e-mail or takes a look at the HTML code. Even then it is not sure that everything is genuine because, chances are, the web-server has already been compromised by another malicious user with a different username. But even if the web server is legitimate, the e-mail account has to be compromised somehow. This is how the attack works. The unsuspecting web-user gets an e-mail from some friend who maybe overseas and doesn’t know the content of the e-mail but trusts your friend because you know him/her. So, as a matter of fact, you have compromised this e-mail account somehow and it is now being used by a malicious user to trap unsuspecting victims.
So, if you receive an e-mail from “your friend” who is in China and he mention that he is in a lottery, it is probable that this is a scam. Even chances are it is a spoof. If you receive a similar e-mail from another friend who is in NY and he mention that he has 50 million dollars, it is possible that he/she is telling the truth but not in touch with reality.
The point is, any claim, even from a fellow hit by a scammer, that you received something for free, please disregard. It was never free. How could it be, if it was given to you by your friends? The only free gift is the CD that contains the software.*
Did you look for a free CD that contains the software yourself, and did you download its source code?
Did you download any source code patches or upgrades for free when offered by your host?
Did you send your computer to a “trusted site” that requires you to enter your information, as they promised?
Did you pay money to them for getting the information from your computer?
Step 2: Do a search on any “bad sites” that are providing the goods for free and step over them when you find them. But be very careful – if you really want to stop this, you need to contact the specific seller and bargain with them. Surely, you will find some honest, if somewhat ruthless, people around.
Step 3: If you really, really want to stop this, and suspect it is a scam, then get in touch with the seller and put the blame on them. Demand a proof from them that the offer they are selling is genuine and that they are selling what they claimed and more.
