One of the most worrisome things you’ll ever see turn up in your e-mail inbox is a deluge of messages each comprised of a long block of text, usually cut-and-pasted from a work of literature.
Messaging security company AppRiver says this means you’re a targeted victim in an unfolding attack — in what it calls a Distributed Spam Distraction attack.
The bad guys have singled you out, have access to one of your online financial accounts, and are at that moment pilfering your cash or using your account to make a large purchase, says Fred Touchette, senior security analyst at AppRiver.
It could be your bank, or a shopping site account that’s being hijacked. What’s happening is that the bad guys have directed a network of infected computers, known as a botnet, to send you tens of thousands of e-mails, each from a different machine, each with a message carrying a large block of literary text, and nothing else.
The intent: to clog your inbox and obscure legit messages coming to you from your financial or retail account confirming a transaction. These distraction attacks have been around for a couple of years, and they’ve begun resurfacing in e-mail traffic filtered by AppRiver.
A blast of such messages aimed at an individual victim can last 12 to 24 hours and number 60,000 e-mails, each coming from a different infected machine that’s part of a botnet controlled by the attackers, says Touchette.
“The people behind this spam blast have obtained personal account information for their target,” he says. “Their goal is to hide transaction information, such as confirmation e-mails or purchase receipts. They turn on this deluge of spam e-mail so this information gets lost in the flood. Once they’re done, they’ll stop the floods.”
The block text of literary classics tends to slip past spam filters set to watch for malicious code, suspicious links and even combinations of words known to be used by spammers.
The best thing you can do if you find yourself under such an attack is to immediately contact the companies with whom you hold active online financial and retailing accounts.
“This may sound daunting, but it’s not as daunting as sifting through tens of thousands of e-mails waiting for one with a clue,” says Touchette. “These attacks need to be caught fast so they can be stopped at the financial institutions before they’re finalized.”
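As an added example (not from AppRiver or the original article), the Python below flags hours in which a mailbox shows the flood pattern described above and pulls out any messages from the domains of companies you hold accounts with, so you know whom to call first. The thresholds, function names and sample messages are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import timezone
from email import message_from_string
from email.utils import parseaddr, parsedate_to_datetime

def parse(raw):
    """Return (sender address, UTC hour bucket, subject) for one raw message."""
    msg = message_from_string(raw)
    addr = parseaddr(msg.get("From", ""))[1].lower()
    when = parsedate_to_datetime(msg["Date"]).astimezone(timezone.utc)
    return addr, when.replace(minute=0, second=0, microsecond=0), msg.get("Subject", "")

def from_account(addr, account_domains):
    """True if the sender domain is, or is a subdomain of, a listed account domain."""
    dom = addr.rpartition("@")[2]
    return any(dom == d or dom.endswith("." + d) for d in account_domains)

def triage(raw_messages, account_domains, flood_per_hour=1000, min_unique_ratio=0.9):
    """Return (flood hours, messages from account domains received in those hours)."""
    by_hour = defaultdict(list)
    for addr, hour, subject in map(parse, raw_messages):
        by_hour[hour].append((addr, subject))
    flood_hours, surfaced = [], []
    for hour, msgs in sorted(by_hour.items()):
        unique = len({a for a, _ in msgs})
        # Flood signature described above: very high volume, almost every
        # message from a different sender. Both thresholds are assumptions.
        if len(msgs) >= flood_per_hour and unique / len(msgs) >= min_unique_ratio:
            flood_hours.append(hour)
            # From is unauthenticated: this ranks which companies to call
            # first, it does not prove a message is genuine.
            surfaced += [m for m in msgs if from_account(m[0], account_domains)]
    return flood_hours, surfaced

def sample_inbox():
    """Constructed sample: 1,500 flood messages, one buried bank confirmation."""
    tmpl = "From: {f}\nDate: 06 Jan 2014 {t} +0000\nSubject: {s}\n\n{b}\n"
    text = "It was the best of times, it was the worst of times..."
    inbox = [tmpl.format(f=f"u{i}@host{i}.example", t=f"10:{i % 60:02d}:00",
                         s="Chapter 1", b=text) for i in range(1500)]
    inbox.insert(700, tmpl.format(f="Example Bank <alerts@mail.bank.example>",
                 t="10:31:07", s="Your transfer of $4,900.00 is confirmed", b="..."))
    inbox.append(tmpl.format(f="orders@shop.example", t="08:15:00",
                             s="Your order has shipped", b="..."))
    return inbox

if __name__ == "__main__":
    hours, hits = triage(sample_inbox(), {"bank.example", "shop.example"})
    print(hours, hits)
```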