Cybercrime
Cybercrime is the term used to name all penal offences committed via computer networks, especially on the internet network.
Spam is part of these offences and there are several techniques used by spammers. Let’s go through some of the most widely spread ones.
Spam is part of these offences and there are several techniques used by spammers. Let’s go through some of the most widely spread ones.
« Classical » spam
This is an illegal and illegitimate message sent in mass with no compliance to any law (stolen e-mail addresses, no prior consent of physical person, no link to unsubscribe …).
This type of message has an unknown sender and mediocre spelling. It usually offers adult products (Viagra, pornographic adverts…), medicine (skin care, slimming pills…), finance (insurance, loans…), education (private lessons, internships…) or IT (hardware, software…).
This type of message has an unknown sender and mediocre spelling. It usually offers adult products (Viagra, pornographic adverts…), medicine (skin care, slimming pills…), finance (insurance, loans…), education (private lessons, internships…) or IT (hardware, software…).
Phishing
Phishing is a technique used by spammers with the objective of collecting private and confidential information.
With this information, the spammer could usurp your identity and take advantage of various information such as your banking details. This is a well-established method and confuses the victim very rapidly. Indeed, you receive an e-mail from an existing organization (a bank for instance) and
With this information, the spammer could usurp your identity and take advantage of various information such as your banking details. This is a well-established method and confuses the victim very rapidly. Indeed, you receive an e-mail from an existing organization (a bank for instance) and
the content and the layout seem like an official body. It tells you about an issue regarding your credit card and asks you for card numbers to fix it.
Most of the time, this type of very alerting e-mail leads you towards an almost identical to the official website, so that you fill in the requested data the swindler will save on his end.
Similarly, this type of attack could also aim at stealing your phone number, address, date of birth or banking details through e-mails supposedly sent by public administrations, Internet Service Providers or more recently, by social networks.
A new type of phishing is rising constantly. It is called the « spear phishing ». This attack is similar to classical phishing excepted that the spammer will get information on his target via pirating social networks so that he can personalize his e-mail attack. The victim is thereof under trust as he sees his name and contact details.
Phishing example If you find yourself in this position, the first action to undertake is obviously not to respond.
Most of the time, this type of very alerting e-mail leads you towards an almost identical to the official website, so that you fill in the requested data the swindler will save on his end.
Similarly, this type of attack could also aim at stealing your phone number, address, date of birth or banking details through e-mails supposedly sent by public administrations, Internet Service Providers or more recently, by social networks.
A new type of phishing is rising constantly. It is called the « spear phishing ». This attack is similar to classical phishing excepted that the spammer will get information on his target via pirating social networks so that he can personalize his e-mail attack. The victim is thereof under trust as he sees his name and contact details.
Scam
Also known as Nigerian swindling, this technique is spread through e-mails.
Typically the sender informs you that he owns a huge amount of money coming from a suspicious event (inheritance, political monetary fund, fake lottery, gold dust…). You are asked to help transfer this money
Typically the sender informs you that he owns a huge amount of money coming from a suspicious event (inheritance, political monetary fund, fake lottery, gold dust…). You are asked to help transfer this money
quickly onto an existing account in return for a percentage of the transferred amount.
If the victim accepts, money (transfer, order…) will be asked to supposedly cover dubious costs (kickbacks or custody for instance). The victim will obviously never receive the promised amount and would rather get an unpleasant surprise regarding lost money on his bank statement. In France, this type of scam comes especially from Ivory Coast or Benin.
Another type is emotionally driven. Your interlocutor announces you by e-mail to be seriously ill with no hope of being saved. Not having any family, this person offers you to inherit an extravagant amount of money. Also, known as « Russian scam » or « Romance scam », this type of scam enables spammers to take the role of an eastern-European woman (from Russia most of the time) e-mailing you about seeing you on this or this dating website. These supposedly women will try to build a distant relationship with you. Once a certain trust level is reached, they will start asking you money to pay the internet, a passport fee or any administrative costs. She will then go up to asking you to pay a plane ticket in order to meet you. You will obviously never see this person and the money spent will be lost. Beware that this type of scamming is also used directly through dating websites.
We can notice that some scams have moved from the idea of heritage or dating and are rather based on extremely attractive bargains such as contract phones with unlimited calling time at a pathetic price.
Another highly rising type of scam these last days is sending an e-mail through an usurped address of one of your contact. You thus receive an e-mail from one of your contact – relative or friend. This person tells you he is abroad for business or holidays and he unfortunately got robbed all personal belongings. It is specified in this e-mail that it is sent through an internet cafe and you must urgently send money to help. This type of scam inspires confidence since you know the sender and it could work if you rush into it. Beware not to respond to such e-mails.
Another type is emotionally driven. Your interlocutor announces you by e-mail to be seriously ill with no hope of being saved. Not having any family, this person offers you to inherit an extravagant amount of money. Also, known as « Russian scam » or « Romance scam », this type of scam enables spammers to take the role of an eastern-European woman (from Russia most of the time) e-mailing you about seeing you on this or this dating website. These supposedly women will try to build a distant relationship with you. Once a certain trust level is reached, they will start asking you money to pay the internet, a passport fee or any administrative costs. She will then go up to asking you to pay a plane ticket in order to meet you. You will obviously never see this person and the money spent will be lost. Beware that this type of scamming is also used directly through dating websites.
We can notice that some scams have moved from the idea of heritage or dating and are rather based on extremely attractive bargains such as contract phones with unlimited calling time at a pathetic price.
Another highly rising type of scam these last days is sending an e-mail through an usurped address of one of your contact. You thus receive an e-mail from one of your contact – relative or friend. This person tells you he is abroad for business or holidays and he unfortunately got robbed all personal belongings. It is specified in this e-mail that it is sent through an internet cafe and you must urgently send money to help. This type of scam inspires confidence since you know the sender and it could work if you rush into it. Beware not to respond to such e-mails.
The zombie-PC
To send spam in mass, spammers use a technique called zombie-PC or botnet (for a group of zombie-PC).
This technique consists in taking control of a PC and sending a massive quantity of e-mails through this PC without the user knowing it.
The origin of a zombie-PC is a prior infection by a “Trojan horse” or “worm” malware for instance, via a spam’s attachment, a website visit or after clicking on a fraudulent link. This type of malware will enable the spammer to take control of the PC.
He will then use the infected PC to send his spams and transfer the virus to other PCs to take their control and thereof expand his botnet park.
