In-Depth

Security Briefs: April Recap, Can-Spam Charges, Eset's Antivirus Software

Top vulnerabilities include a virus and a Hotmail hoax; FTC charges spammers; NOD32 antivirus software for consumers and the enterprise

• By Mathew Schwartz
• 05/05/2004

Top April Viruses and Hoaxes

Antivirus firm Sophos released its list of top viruses for April. Netsky variants garnered the top seven spots, with Netsky-P leading the pack with 23 percent of reports.

“Several Netsky strains continued to cause serious difficulties for unprotected computer users throughout the month of April. With the author of the original Netsky worm claiming to have shared the viral code, it’s possible that copycats might be getting their paws dirty by sending out new Netsky variants,” notes Carole Theriault, a Sophos security consultant.

The firm detected 740 new viruses in April.

On a lighter note, the firm also detailed April’s top hoaxes, with a Hotmail hoax leading reports. The e-mail lured users into forwarding it with various versions. Here’s one: “Urgent: Please Forward! Hello to everyone from the Hotmail Headquarters! This is just a little test to see who is actively using their email account and in effect deleting all inactive users accounts.”

The well-known Nigerian letter scam hoax also made it into the Top 10 list this month, a first. “Several versions of this letter exist, all designed to defraud and extort money from e-mail users. On a positive note, one scammer, Peter Okoeguale, was this month sentenced to 20 months in jail by a judge in North Wales after police traced 11 of his victims,” says Theriault.

Sophos has a free hoax-information feed: http://www.sophos.com/virusinfo/infofeed

Related Story:

Worm Writers One-Up Each Other
http://esj.com/security/article.asp?EditorialsID=887

- - -

First Can-Spam Arrests

The Federal Trade Commission announced the first charges stemming from violation of the dubiously titled Can-Spam (for Controlling the Assault of Non-Solicited Pornography and Marketing) Act—which went into effect January 1-- apparently busting two spam rings.

The first charges were filed against employees of Phoenix Avatar, a Detroit-area-based operation selling what the FTC says were “bogus diet patches.” The accused apparently raked in almost $100,000 per month from the $59.95 patches, which the agency alledges “have no effect at all.”

The FTC also filed a suit in conjunction with Australian authorities against Global Web Promotions, which operates in Australia and New Zealand.

“The cyber scam artists who exploit the Internet for commercial gain should take notice. Federal law now makes it a felony to use falsehood and deception to hide the origin of the spam messages hawking your fraudulent wares,” says Jeffrey G. Collins, U.S. Attorney for the Eastern District of Michigan.

The FTC, which allows consumers to report spam via its Web site, says it linked 490,000 spam messages to Phoenix Avatar, and 399,000 to Global Web Promotions.

The Postal Inspection Service and such Internet service providers as Microsoft and AOL also helped the investigation.

Related Story:

Can-Spam, Laced with Loopholes, Creates Confusion
http://esj.com/news/article.asp?editorialsId=845

- - -

Antivirus from the Edge

MCP Magazine editor Michael Domingo interviews Anton Zajac, president of Eset Software, about his company's antivirus offerings—products that have an interesting back story in their development.

Read the full story here, courtesy of MCP Magazine:
http://mcpmag.com/news/article.asp?EditorialsID=684