14 DAY TRIAL // Of course that, in actuality, the actual message reads something like this: "Please send all chain mail (forwards) to the following addresses". Sophos has revealed in a press release that politeness too can be used as an incentive in social engineering scams, to convince the victims to perform a set of actions in their detriment. This is the case with a spam campaign detected by Sophos that aims to harvest authentic email addresses by convincing the victims to forward chain emails to malicious destinations.
"I would be very grateful if you would be kind enough to forward absolutely anything and everything that remotely resembles chain mail, forwards of any type (even the rude ones). This project is based over the next year and I need at least 500,000 forwards for this project to be a success, so please keep them coming the more the better," reads the malicious email that apparently comes from Gemma, chain mail researcher.
"Spammers need email addresses like a fish needs water. Without details of 'live' email addresses they struggle to get their unwanted marketing messages in front of their potential customers," said Graham Cluley, senior technology consultant for Sophos. "Under the pretence of 'research' spammers are trying to fool internet users into passing on dozens of email addresses with every message they forward. At best this could result in spam being sent to all of your friends and colleagues, at worst they could be put at risk of identity theft. Computer users should break the chain and not respond to messages such as this one."