Bagle variants coming in spam

The Register is reporting that new Bagle variants are coming in spam. It comes attached as a Zip file, and in there is an exe file with some random looking name. If you extract that exe file from the zip file and then run it, not only are you an idiot, you will install a trojan which will then download more bad things and infect your machine.

This is a very common tactic these days to get a large starting point for the virus to spread from. They used to seed them to a few computers and let it grow from there - but spamming out to millions (or even many thousands) gets them a much larger starting point, so the growth can happen much more quickly.

Ways around this of course are to keep an updated anti-virus program, a good anti-spam system, and don't open every attachment that comes to you and arbitrarily run whatever programs happen to be in them. Unless you are expecting an attachment and it is of a type which can't do harm easily (images, PDF, Word/Excel with no Macros, etc), then you probably have no reason to look into it further than just tossing it.

Also note that your anti-virus tool should be able to drill down into Zip files for several levels and check the content in there.

Mobile Text Message Spam Doubles

InformationWeek reports that Mobile Text Message Spam Doubles. Incidentally being told that something doubles isn't very helpful unless you know the time period over which it happened so you can establish the rate... and this was over the course of 2004.

The most interesting thing in the article which caught my eye was the mention that people won't stand for this on mobile messaging since they have to pay for the messages (in and out). This is interesting to me since technically all e-mail that we send/receive, we have to pay for too. But it is a much broader and abstract of the term since it is part of the bandwidth and hardware allowances people see as part of being online.

But a charge for the actual messages directly and it showing up on your bill causes even those that are the least technically savvy to sit up and take notice.

The article notes that specifically because of these fees, people won't tolerate the spam the same way that they might via email... then why the huge surge? Because it has to reach a breaking point (or a Tipping Point if you are a Malcolm Gladwell fan) before finally it reaches a level after which the demands on everyone (network resources, individual wallets, annoyance levels, etc) have been maxed out and then action will be taken.

If you really want to get a headache though, you have to remember that the ones who can best reduce the spam are the phone companies. And who gets paid for each of those messages sent AND received? Yeah, that would be the phone companies.

So it is going to become an issue of when the money is no longer made due to the amount of customer service issues they have to deal with around it, and with that there are companies who will evolve to fill the niche (and already are) to block/filter the spam at various points in the chain.

As far as I know, it remains to be seen at this point which point along the way or which company is the breakout leader for mobile anti-spam tech.