Spyware spreaders have stepped up attempts to trick users into downloading malware using a combination of browser vulnerabilities and deceptive spam emails. In particular, bogus warnings about infestation are frequently being used to dupe Windows users into accepting potentially malign code, reports security vendor Websense. In many cases, these scam emails also request money in return for "fixing" supposed security problems that don't actually exist (example here).

Such social engineering tricks represent a common-enough spyware scumbag ploy but Websense has identified a number of common factors within attacks launched over the last fortnight. Many of the sites involved in these scams are hosted in either the Ukraine or Russia. Their domain names are registered in countries such as Vanuatu and Mexico. Code downloaded from these sites often includes several pieces of spyware, adware, and other potentially unwanted software. Removing any of this software often forces users to fill out a survey.

The same IP netblocks associated with these nefarious sites have often recently been used to host malicious code such as Trojan horse downloaders and host-file redirection software, Websense reports. Furthermore, IP netblocks of these scam hosting sites are often hosting other questionable sites such as fraudulent search engines. Several of the 1,500 sites analysed by Websense contain links to other sites that are hosting IE exploit code.

In summary, these scam emails subject recipients to a noxious cocktail of unpleasantness that's best avoided. Screen shots of these spyware scam emails can be found on Websense's website here. ®

Related stories

• Cash, blow-up dolls and mime artist star at spyware knees-up (29 April 2008)

  https://www.theregister.com/2008/04/29/klik_party/

• Dismissal scam spam targets medical centre (3 November 2006)

  https://www.theregister.com/2006/11/03/dismissal_spyware_spam_scam/

• 'Spamford' Wallace fined $4m over spyware biz (5 May 2006)

  https://www.theregister.com/2006/05/05/ftc_spyware_lawsuits/

• Phishing fraudsters offer cash reward (14 March 2006)

  https://www.theregister.com/2006/03/14/chase_phishing_scam/

• StopBadware.org to name and shame spyware scumbags (25 January 2006)

  https://www.theregister.com/2006/01/25/stopbadware/

• Dodgy anti-spyware firms to cough up $2m (10 January 2006)

  https://www.theregister.com/2006/01/10/ftc_spyware/

• CAN-SPAM working - FTC (21 December 2005)

  https://www.theregister.com/2005/12/21/can-spam/

• Users inundated with pop-ups (13 December 2005)

  https://www.theregister.com/2005/12/13/secfocus_popups/

• Bacon Raton keeps US at top of spam charts (12 October 2005)

  https://www.theregister.com/2005/10/12/sophos_spam_chart/

• Users want ISPs to filter spyware (11 October 2005)

  https://www.theregister.com/2005/10/11/spyware_survey/

• Zombie bots fuel spyware boom (11 July 2005)

  https://www.theregister.com/2005/07/11/malware_report_mcafee/

• Check Point beefs up spyware defences (8 July 2005)

  https://www.theregister.com/2005/07/08/zonealarm_spyware_defence/

• Pop-up smut tops spyware chart (4 July 2005)

  https://www.theregister.com/2005/07/04/spyware_chart/

• Anti-spam success drives malware authors downmarket (30 June 2005)

  https://www.theregister.com/2005/06/30/digital_mafia_rountable/