Just ask Sophos

Oct 29, 2007 16:40 GMT  ·  By

As odd as it may sound, free pornographic content featuring the Hollywood start Angelina Jolie is not the best thing that you'd want to integrate with your copy of Windows. Spammed emails containing explicit promises of a scantly clad Angelina Jolie hit inboxes on a daily basis. In fact, the practice has become a circadian fact of life, inherent with every email service. Of course that for the sake of variety, the spam campaigns not always rely on the strong incentive that is Angelina Jolie in what promises to be a very sexual experience. Security company Sophos has offered an insight into how to detect potential threats from the context of the email.

"It is said that pr0n is what makes the internet go round (or is that up and down?) Spammers and malware authors appear to know this all too well judging by their continued use of smut in an attempt to increase the size of their botnets. You've received about a dozen messages from various email addresses none of which you recognise, all of which have similar subject lines of: "Hot pictures", "Hot game" and "Here is it" - someone queue the cheesy porn music? Do you really think a dozen random people are going to share their pictures of naked Angelina Jolie with strangers, or has the promise of a bit of flesh put your logical thinking on hold?" asked a member of the SophosLabs AU.

Sophos does not illustrate actual examples of malicious code hiding behind the spammed emails advertising free pornography, as this aspect is not relevant onto itself. The fact of the matter is that any type of malware can piggyback ride on spam as attachments, usually .ZIP archives, set up to bypass the filters of the email services. And the messages itself make it quite difficult to ignore the possibility of taking a peek at the contents of the attachments.

"Good afternoon, old chap! Wanna see very sexual Angelina Jolie in short leather skirt and white silk blouse. She slowly gets undressed and shows her big tits? ;) Watch in your attachment! Best Regards. when they can obesity. It may even in the shuffle, the report says. Numerous studies and lots of of free play time, report says. have the resources, develop problem-solving the pressure, prepared by two he not be on par own thing," reads the content of just such a spammed email.

The random fragment of text at the bottom of the message is another clear indication that the email comes from an untrusted source and should be deleted immediately. According to Sophos, the randomized text is the result of a hash-buster. In this manner, the spammers are constructing individually unique templates.

"What more proof do you need that Angelina is not about to pose nude for you? Ask yourself this, how much of Angelina can you possibly fit in a 20KB attachment? You say its zipped, I say delete the email before your computer unwillingly joins someone else's botnet. Such attachments are too small to contain images but can easily contain malware. If in doubt, delete it! Otherwise you might get caught with your pants down," Sophos added.