Fighting malware and spam
Broken link
February 2007
Over the last few years we have seen many examples of spam messages that do not contain a link to the advertised website; instead they contain an image requiring that the recipient type the URL into his browser. As a result, it is well known that a single GIF image of small dimensions and file size is a very good indicator of spam.
This year, spammers are proving to be very innovative. With the goal of pursuading the user to type the URL into a browser instead of clicking on a picture or on a simple URL, the spammers have broken the link by adding an invalid character into it. Beneath the link is an explanation of what the recipient needs to do in order to make the link functional:
We have seen examples of broken links in the wild with characters '*', '-' and a space insterted in different parts of the mail.
It is interesting to note that Firefox doesn't complain when an invalid character is included in the URL, merely producing a 'server not found' error:
IE7, on the other hand, clearly explains that the address is not valid:
Sorin Mustaca, Avira
Poll
Should anti-virus software be free for personal use?Leave a comment
View 43 comments
VB100 certification
VB's testing team put 24 anti-malware products to the test on
the server version of Microsoft's latest iteration of the Windows
platform: Windows Server 2008. John Hawes has all the details on which
products managed to secure a VB100 award and which need have a little
more work to do.
See full results.
Virus Bulletin currently has 144,127 registered users.