Beware of viral Valentine’s Day spam and other scams

February 13th, 2009

Cyber criminals have begun inundating the Internet with Valentine’s Day-themed spam, bogus web deals and even blackmail.

PC Tools has uncovered one of the more innovative variants: an email offer for a “Valentine Devkit” you supposedly  can use to custom design a nifty online Valentine’s card for your sweetheart. Do not click, no matter how cute you think these puppies are!

puppies1

Other viral Valentine’s spam coming from operators of the Waledec botnet, who are infamous for putting up fake Barack Obama web sites,  come with subject lines such as “a Valentine card from a friend” and “you have received a Valentine e-card.” Two other rival spam botnets are using similar tactics: the Onbot botnet is spreading viral spam with the subject line suggesting “someone thinks you are very special and has sent you a kiss,” while spam from the Pushdo botnet cajoles you to “prepare for Valentine’s Day” and “be ready.” Clicking to links in such spam can lead to your computer being turned into a bot, and your sensitive data being stolen by a keystroke logger.

“Don’t be fooled. Avoid clicking on Valentine’s e-cards, especially prior to February 14,” says Bradley Anstis, Marshal8e6′s director of technology strategy. “The spammers are trying to squeeze the most out of this opportunity.”

Meanwhile, representatives at the Alliance Against Bait & Click caution smitten consumers shopping online for baubles to be wary of dishonest marketers spreading scam ads, called “scads.” These bogus ads make unauthorized use of popular brand names — such as Tiffany, Godiva, and Westin Hotel — mixed with outrageous claims to lure online shoppers, especially around holidays.

Check the AABC’s webpage for tips on how to avoid getting scammed by a scad. The AABC also provides avenues for action, including a petition to the FTC calling for tighter controls and contacting the search engines directly to report scads and press for tighter filters.

Cyber criminals have also recently copied photos from a model’s online portfolio and created a fake online dating profile to scam others, says Toralv Dirro, security strategist at McAfee. The cyber criminals then blackmailed the model, demanding cash in exchange for them to stop using her images. “With more and more people using social network sites, online dating scams in various forms are nearly certain to increase,” says Dirro.