Sophos Warns Of 'Escort' Spam Campaign

New e-mails advertising an online prostitute finder could invite more trouble to your PC than at first glance, the security software company said.

Sharon Gaudin, Contributor

May 8, 2007

2 Min Read
InformationWeek logo in a gray background | InformationWeek

Security researchers are warning users to beware of a new spam campaign that offers up an online prostitute finder.

The spammed e-mails don't seem to carry any malware, and the Web sites that the messages link to don't have any embedded malicious code. But Graham Cluley, senior technology consultant at Sophos, warned that following the link in this kind of e-mail just sets up users for major trouble in the future.

"The danger is that if people are dumb enough to click on this kind of thing, then they're playing with danger," said Cluley in an e-mail to InformationWeek. "Although the Web site appears to be non-malicious, it could just as easily have hosted malware on it. People need to learn that responding to unsolicited e-mails only encourages the spammers to send even more spam -- something none of us really wants."

The e-mails, which contain a subject line that refers to "finding a girl in your town," include an image that contains a Web link. Recipients must manually type in the URL, as well as several sentences of seemingly random text. Sophos researchers noted in an advisory that both features are often deployed by spammers in an attempt to bypass less sophisticated anti-spam filters.

If users type the link into their browser, it will take them to an explicit Web site that has a search tool for finding prostitutes based on geographic location.

Cluley said he's not sure if the service actually works.

"It's most likely an example of pimps showing that they're as Internet-savvy as the next man," he added. "We've seen a lot of pornographic spam in the past, of course, but it's relatively rare for the goods sold to be made of flesh-and-blood."

Image spam, which uses a graphic embedded in an e-mail rather than regular text, has grown in popularity amongst spammers in recent months, according to Sophos. It's often used for promoting stock pump-and-dump scams or online drug sales.

"The quantity of image spam in circulation almost doubled in 2006 and is already proving to be one of the biggest spamming trends of 2007 because it's so hard for those anti-spam filters that just rely on analysis of textual spam content to detect it," explained Cluley. "It's a sad sign of the times, but perhaps not surprising to see that the world's oldest profession is using 21st century technology to advertise its services."

About the Author

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights