Sunday, August 24, 2008

Anatomy of a Blog Spam Attack

There's a very interesting article at The Register that shows how blog spam is now being used to install malware. If you blog, or read blogs (in other words, all of you), you should go RTWT.

One of the best things about the article is that the author guides you through a series of situations where your security radar should start going off:
  • Clicking a link to a server in Eastern Europe (8.ru, etc)
  • Getting an XP security popup when you're running Vista, or vice versa
  • Getting an antivirus popup from an antivirus that you don't run
  • Unexpected offers of free antivirus or antispyware*
  • Unexpected appearance of very small browser windows
Yes, I'm a security geek, but all of you should go read this. It's not technical, but it does give you a lot of food for thought. One of your best lines of defense is a healthy skepticism about what you download.

Remember:
Ranum's Law: Sometimes in security it's easier not to do something stupid than it is to do something smart.

Borepatch's Law: "Free Download" is Internet Security Speak for "Open Your Mouth And Close Your Eyes."

* There are some good online antivirus scans, but you have to go to the vendor's web site to get them - they don't just pop up at any old random web site. Trend Micro has a good one called Housecall.
