Salocin

Another spam tool - Admin alerts

Just when you thought that, having taken over your mailbox and your browser window, spammers had all the bases covered, now they use admin alerts to advertise direct to your screen.

Recently, a new breed of spam has arrived. I don't know if you've noticed it, perhaps you are so inured to the popup windows from your browser that you didn't even realize they were different, but now spammers have a way of making a window pop up on your screen with their message in it. No action is required on your part, they just have to target your computer's address, and up it comes, in the form of an administrator alert.

The implications of this are a little worrying - no longer is this something that occurs because I stepped into the wrong webpage, this is something that is done to your computer by a third party, by hijacking an administrator service on your machine.

Technically, it's hacking (or "cracking", to use the correct term), at the very least it's theft of resources : It's unauthorised access to the functionality of my assets so that the purposes of the spammer can be served.

So people with poor products seek to transfer the costs of their advertising to the recipient of the message - we've seen this before, it's the same economic argument as email spam, it's annoying, but governments are really slow at enacting legislation to protect us from such intrusions.

In this case, the intrusion seems to be coming from people using DirectAdvertiser software. If you want to be very afraid, you can always read their testimonials page.

This new breed of spam points to a larger problem through - this vulnerability in Windows was discovered by a marketer before it was discovered by any security expert. In other words, since they have the incentive to find and use such technology, their efforts at detecting holes in the our firewalls are much more focused and effective than those of our software providers.

That Microsoft software is full of holes is not new, but the ease with which spammers find ways to access our computers surely points to a greater vulnerability that is inherent in the design of such software. Each individual hole in our IT security becomes merely another symptom of the flawed design and weak security built into all the products we install.

Below are pictures of the spams I've bothered to grab off my screen - if you grab one, mail it to me at contributions@ salocin.com and I'll put it up. I tend to receive the University Diplomas one over and over.