YOUR IT - Technology for you

No. 1 Story

Telstra adds one million mobile services, but Sensis plummets

Telstra has revealed the addition of almost one million new mobile services in the six months to December 2011, but Sensis revenues plummeted 24 percent in 12 months.

read more

More From

Massive MP3 spam outbreak from stock pumpers

Your IT - Home IT

Security firms have warned of a new pump-and-dump spam campaign that is attempting to manipulate share prices through MP3 music files. Files posing as music from stars such as Elvis Presley, Fergie and Carrie Underwood actually contain a monotone voice encouraging people to buy shares in a little-known company.

Emails seen by security firm Sophos often contain no subject line or message body but have attached to them an MP3 file typically named after a popular music artist.

Some of the filenames used include hurricanechris.mp3, allforone.mp3, carrieunderwood.mp3, elvis.mp3, baby.mp3, fergie.mp3, and bbrown.mp3.

US-based security firm Commtouch estimates the outbreak accounts for around 7-10% of all spam, globally, over the past 18 hours.

The voice on the MP3 file, which is randomly altered in an attempt to avoid detection by anti-spam filters, says the following:

"Hello, this is an investor alert

Exit Only Incorporated has announced it is ready to launch its new text4cars.com website, already a huge success in Canada, we are expecting amazing results in the USA.

Go read the news and sit on EXTO. That symbol again is EXTO. Thank you."

Exit Only, Inc is a company listed on Pink Sheets that runs a website marketplace for new and used motor vehicles. Some of the MP3 files repeat the message twice, rather than once.

According to Commtouch, the sound quality of the recordings is very poor: 16 kbps bitrate and 11 KHz sample rate with an average length of 30 seconds. They are also highly randomized in order to avoid email filters.

The stock spam MP3 file can be found at: http://www..sophos.com.au/images/sounds/stock-spam.mp3

"Users may click on the MP3 file expecting to hear Elvis, but they'll be all shook up when they discover it's actually a voice resembling Marvin the Paranoid Android droning on about a stock that is set to be the next big thing," said Graham Cluley, senior technology consultant for Sophos.

Sophos experts believe that firms should consider policing the types of file which come into their networks via email.

"Although the spammers seem to have quite a fair bit to learn about machine-generated sales patter, some companies might consider blocking all MP3s in email as a matter of course," said Cluley. "So many music files infringe copyright, and it can be hard for a company to establish which ones are legal and which aren't after they've arrived. Blocking MP3s, or at least quarantining until requested by the user, can be a good way for a company to take a proactive stance against the use of email for illegal file sharing. It also has the benefit of neutralising this sort of spam at the same time."

Loading comments ...

- sponsored feature -

The Death of Traditional BI: What’s Next?

How to Make Business Discovery Work for Your Business IP PABX BUYING GUIDE

Business Discovery takes its cues from consumer apps. Like Google, it encourages us- ers to hunt for and explore data without worrying about or even noticing the underly- ing technology. Their entire experience is working within an intuitive interface to get real-time, self-service results with only minimal training. ...more