FBI Spam contains trojan and the future of spam detection

I had actually seen this email a few times in some of my spam catches. The “come-on” is that the FBI has been monitoring the sites you visit and here is a list of the naughty ones. It had never occurred to me that the FBI would have a statement regarding this. As it turns out, the press room issued a statement regarding the monitoring of people's personal surfing habits.

Recipients of this or similar solicitations should know that the FBI does not engage in the practice of sending unsolicited e-mails to the public in this manner. 

That didn’t have anything to do with whether they are watching or not. Of course not, because they can and do watch. The fear of this Big Brother reality likely caused many people to open the attachment. It was likely a .zip overflow or a trojan hidden inside the archive file. The latter seems to be a very popular method of slipping past antivirus devices. Many companies these days install large devices on the perimeter of the network to capture viruses and trojans before they even hit the mailbox. Packaging the malicious code in .zip or .rar files lets the senders smuggle the payload past these inspecting devices. There is a huge performance issue to consider if every single .zip file is inspected. Even worse, some of the viruses are smart enough to password-protect their .zip files and put the instructions to open them in the message itself.
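An added example (not from the original post) of a gateway-side check for the trick described above: it reads only the archive's central directory, so no entry is decompressed, and flags encrypted entries, executable-looking names and a password mentioned in the message body. The function names, the extension list and the sample message are assumptions constructed for illustration.

```python
import io
import re
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

RISKY_EXT = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".js", ".vbs")  # assumed list
PASSWORD_HINT = re.compile(r"\b(password|passcode)\b", re.I)

def triage_zip(data: bytes) -> set:
    """Inspect names and flags from the central directory only (no decompression)."""
    findings = set()
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if info.flag_bits & 0x1:  # general-purpose bit 0: entry is encrypted
                    findings.add("encrypted-entry")
                if info.filename.lower().endswith(RISKY_EXT):
                    findings.add("executable-name")
    except zipfile.BadZipFile:
        findings.add("malformed-zip")
    return findings

def triage_message(raw: bytes) -> set:
    """Triage every .zip attachment, then check the body for unlock instructions."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = set()
    for part in msg.iter_attachments():
        if (part.get_filename() or "").lower().endswith(".zip"):
            findings |= triage_zip(part.get_payload(decode=True))
    body = msg.get_body(preferencelist=("plain",))
    if "encrypted-entry" in findings and body and PASSWORD_HINT.search(body.get_content()):
        findings.add("password-in-body")
    return findings

def build_sample(encrypted: bool) -> bytes:
    """Constructed sample: a harmless text payload stored under an executable name."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("list.exe", b"harmless placeholder")
    data = bytearray(buf.getvalue())
    if encrypted:  # zipfile cannot write encrypted entries, so set the flag by hand
        cd = data.rfind(b"PK\x01\x02")  # central directory header of the only entry
        data[cd + 8] |= 0x1             # low byte of its general-purpose flags
    msg = EmailMessage()
    msg.set_content("The password for the attachment is 12345.")
    msg.add_attachment(bytes(data), maintype="application", subtype="zip", filename="list.zip")
    return msg.as_bytes()
```

A message that returns all three findings can be quarantined without the gateway ever needing to open the archive.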

This is why I believe the advocates of S/MIME and S/POP and other encrypted email standards will face very stiff opposition. If we encrypt all the email messages, then we can’t search them for viruses! This would also create a utopia for spammers, since their Viagra-laden messages would slip by as well.
