Spam’s Unsubscribe Link Downloads Nasty Things to PC

The Internet Patrol - Patrolling the Internet for You

Now, this just isn’t nice. Still, you have to give the spammers points for cleverness.

MessageGate has determined that spam featuring the domain xcelent.biz has gone beyond the usual rudeness of using a click on an unsubscribe link to confirm a warm body on the other side of the email inbox.


This badboy actually downloads an EXE file which takes advantage of a known bug in IE – namely that it treats any link containing the “IMG” tag as a valid image file, and, as the US-CERT tells us, “a drag and drop operation on an IMG element with an executable source file will copy the executable file without presenting a download dialog.”

Ouch.

Now, does this mean that you should never click on an unsubscribe link? No, of course not. As Aunty has always said, you should unsubscribe from unwanted email if that email comes from a source which is otherwise known to you, or which you know to be a real, credible organization. But address harvesters and scrapers? Don’t give them the time of day. Hit ‘delete’ with extreme prejudice.

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

 

And for the sake of all that is sacred, don’t run software with known security weaknesses, especially when there are so many other options available to you.

Read more about this here.

Read about the IE flaw at the United States Computer Emergency Readiness Team website here.

 

Kissy kissy,

Aunty

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

6 thoughts on “Spam’s Unsubscribe Link Downloads Nasty Things to PC

  1. Dear Aunty,
    In a perfect world their would be no criminals and we would need no Cops. In a perfect world we would not have mean spirited people who’s joy comes from the misery of others. In the meantime I choose to use “MailWasher Pro” to filter my mail. It takes a little longer to get to my mail but when I get there it is MY MAIL!!!

  2. I learned several years ago-never click on an unsubscribe link. Why do you think spammers include this link?

  3. Dear EPGeek,

    Obviously language and reading comprehension were not your best subjects. Please show Aunty where she has ever said to “always use the unsubscribe”.

    Kissy kissy,

    Aunty

  4. Aunty Dear, I seem to remember a previous column that said to always use the unsubscribe, and I also recall that I said you were cukoo then. Maybe you ought to get with the modern era. Spammers are bad (period) and should be driven (screaming) from the Internet.

  5. SPAM = Some People Are Menaces (Mugs, Morons, M….s, Maniacal, Microcourteous, Macroegotistical, [have funn adding your own M-word]

  6. Aunty? This is a no-brainer, but then of course, this whole thing from Lockergnome, Windows Fanatics, seems to be aimed at people who should never upgrade to 98SE, much less XP. Anyone who opens anything from an email from anyone, or any company, they have never heard of, or if the URL, easily seen by holding the pointer over the name of the email, is unheard of, deserves what they get. Just don’t email me. I’ll send it back, report it as junk and the sender as a spammer.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.