Spam’s Unsubscribe Link Downloads Nasty Things to PC - 2,443 Views, 6 Comments
|
Previous Article « Never Been Easier! (Spamusement Cartoon)
Read Next Article » AOL Offers Security Key, Adds Double Layer Log-in Authentication for Users
Now, this just isn’t nice. Still, you have to give the spammers points for cleverness. MessageGate has determined that spam featuring the domain xcelent.biz has gone beyond the usual rudeness of using a click on an unsubscribe link to confirm a warm body on the other side of the email inbox. This badboy actually downloads an EXE file which takes advantage of a known bug in IE - namely that it treats any link containing the “IMG” tag as a valid image file, and, as the US-CERT tells us, “a drag and drop operation on an IMG element with an executable source file will copy the executable file without presenting a download dialog.” Ouch. Now, does this mean that you should never click on an unsubscribe link? No, of course not. As Aunty has always said, you should unsubscribe from unwanted email if that email comes from a source which is otherwise known to you, or which you know to be a real, credible organization. But address harvesters and scrapers? Don’t give them the time of day. Hit ‘delete’ with extreme prejudice. And for the sake of all that is sacred, don’t run software with known security weaknesses, especially when there are so many other options available to you. Read more about this here. Read about the IE flaw at the United States Computer Emergency Readiness Team website here. Kissy kissy, Aunty
Follow Anne on
Twitter 
Friend Anne on Facebook
Spam’s Unsubscribe Link Downloads Nasty Things to PC
Twitter Explained in Plain English
Previous Article « Never Been Easier! (Spamusement Cartoon)
Read Next Article » AOL Offers Security Key, Adds Double Layer Log-in Authentication for Users
Read more:
» To Unsubscribe or Not to Unsubscribe: That is the Question
» About Google’s Auto Unsubscribe from Spam Service
» Dear Internet Patrol: Spam with No Unsubscribe Link - What to Do?
» New AOL Instant Messenger Windows Virus
For additional similar stories check out our archives on Everything Else
NOTE: We never, ever, ever will recommend any product or service on this site that we have not regularly used ourselves and do not wholeheartedly believe in. That said, in some cases after being very pleased with a product or service, we may enter into a relationship with the provider of that product or service such that if someone purchases that product or service based on our recommendation, we may get a small payment. Such payments go towards the upkeep of the Internet Patrol.
Aunty? This is a no-brainer, but then of course, this whole thing from Lockergnome, Windows Fanatics, seems to be aimed at people who should never upgrade to 98SE, much less XP. Anyone who opens anything from an email from anyone, or any company, they have never heard of, or if the URL, easily seen by holding the pointer over the name of the email, is unheard of, deserves what they get. Just don’t email me. I’ll send it back, report it as junk and the sender as a spammer.
Comment by Joe — 9/23/2004 @ 6:34 am
Aunty Dear, I seem to remember a previous column that said to always use the unsubscribe, and I also recall that I said you were cukoo then. Maybe you ought to get with the modern era. Spammers are bad (period) and should be driven (screaming) from the Internet.
Comment by EPGeek — 9/23/2004 @ 8:48 am
Dear EPGeek,
Obviously language and reading comprehension were not your best subjects. Please show Aunty where she has ever said to “always use the unsubscribe”.
Kissy kissy,
Aunty
Comment by Aunty Spam — 9/23/2004 @ 9:34 am
SPAM = Some People Are Menaces (Mugs, Morons, M….s, Maniacal, Microcourteous, Macroegotistical, [have funn adding your own M-word]
Comment by David — 9/23/2004 @ 9:49 am
I learned several years ago-never click on an unsubscribe link. Why do you think spammers include this link?
Comment by webdev — 9/23/2004 @ 9:19 pm
Dear Aunty,
In a perfect world their would be no criminals and we would need no Cops. In a perfect world we would not have mean spirited people who’s joy comes from the misery of others. In the meantime I choose to use “MailWasher Pro” to filter my mail. It takes a little longer to get to my mail but when I get there it is MY MAIL!!!
Comment by Rick Newberry — 9/25/2004 @ 8:10 am