New Spam Masquerades As Admin Alerts
from the not-good dept
Wired has an article about the latest spammer technique to use a setup in Windows that allows for administrators to send pop up messages to users, send unwanted spam popups. The company that creates the product that lets spammers do this says it’s been a huge success. Basically, though, it’s just a security hole that should be blocked off, but which (of course) Microsoft seems to leave open by default. The folks who make the spamming software, and outfit called DirectAdvertiser.com, sound positively gleeful over the fact that they can get around normal procedures to block messages. They also suggest that it’s a “good alternative” to regular spam since this is legal. I wonder if this could be considered hacking into a computer, though, which would make it significantly less than legal.
Comments on “New Spam Masquerades As Admin Alerts”
Legal?
We experienced this last week and scrambled to close what we considered a security hole in our systems. We have about 40 systems online so it cost us time and money. I would think that exploiting this security hole to bypass SPAM filters would be considered illegal. It was definately an intrusion.
It was easy to close. We simply opened the services manager and disabled the messenger service.
Re: Legal?
A way to stop these is just to block port 139 (used by the messenger service) at the gateway.
Re: Re: Legal?
Read the article.
These scumbags are hitting Port 135.
No Subject Given
We are getting many of these ads, especially in our lab. Funny thing is we are a major university. I highly doubt that any of these ads will produce any sales here.