The Australian Communications and Media Authority (ACMA) has received complaints concerning unsolicited SMS messages sent to Australian mobile telephone number holders. An example of one of the messages is below:

“I am about to kill you. If you want to live, contact [xxx@xxx.com] to get information on what you will have to do to live. If you ignore this message, you will die!”

These types of electronic messages are used as an inducement to supply personal information, credit card details and usernames and passwords to the scammer. Commonly sent by email, scams also often pretend to be from a well-known bank, financial institution or telecommunications provider.

Another popular scam is known as an “Advance Fee” scam. The electronic message purports to advise the recipient that they have won a substantial share of a lottery, reward or prize if they can provide “transfer” or “courier” fees. The scammer may then continue to seek small amounts of money and the ultimate prize is never received.

Unsolicited commercial electronic messages with an Australian link are covered by the Spam Act 2003. The Spam Act applies to electronic messages, including SMS, which are sent with the intention of obtaining financial advantage through deception.

The Spam Act is enforced by the ACMA and complaints about spam can be made to the ACMA website.

The Federal Trade Commission and other U.S. law enforcement agencies have partnered with Jamaican authorities to share informaiton, investigators and complaint data to crack down fraudulent telemarketing operations in Jamaica.

The telemarketing operations involve Jamaica-based telemarketing scammers who pose as lawyers, customs officials or lottery representatives and target U.S. residents with phony promises of sweepstakes or lottery winnings.

According to the combined U.S. and Jamaica force known as JOLT (Jamaican Operations Linked to Telemarketing), these sweepstakes and lottery promotions are likely to be fake. “Winners” are told they can claim a prize if they pay for shipping, insurance, customs duties, or taxes, but in reality there is no prize – and the scammers keep the money.

A friend recently asked why some of his associates’ emails are being trashed to his Spam / Junk folder. Of course he knew his associates as people who would not engage in such illegal activities like sending spams.

We did a quick check and noted that Yahoo had been having problems with its anti-spamming filter lately.

Erroneous mail rejections at Yahoo had been reported as happening since last month. It just so happened that our friend is using a Yahoo webmail. And Yahoo’s spam filter was playing up.

The problem with Yahoo’s anti-spamming filter had been reported in the Spamhaus website. Spamhaus reported that Yahoo had issued the following announcement:

We have received reports that some senders are seeing intermittent IP blocks when sending to Yahoo! Mail, with the SMTP error message from us citing that the block was due to a Spamhaus listing — e.g., “553 5.7.1 [BL21] Connections not accepted from IP addresses on Spamhaus PBL.” (See our full list of SMTP error messages at http://postmaster.yahoo.com/errors/ .)

If your IPs are currently not listed on any Spamhaus blocklist but you are seeing this error, please be assured that we are looking into the matter. We shall post an update once we have resolved the issue.

Yahoo’s HELP pages should provide some guide on how to place email addresses in the users whitelist.

In a media release today, the Australian Communications and Media Authority announced that it has joined forces with the New Zealand Department of Internal Affairs in the fight against spam.

ACMA and the NZ government agency signed a Memorandum of Understanding (MOU) to establish channels of communication that will allow both agencies to move quickly in response to the challenges and demands of the ever-changing spam environment.

“Spam is a global problem that requires coordinated global action,” said Chris Chapman, ACMA Chairman.

“Over 99 per cent of the spam that reaches Australians comes from overseas. Fighting spam nationally is vital, but long term gains can only be made through cooperation with other countries and overseas regulators.

“This MOU allows each agency to promote and foster the assistance and exchange of information relevant to our regulatory functions. It also reflects the historically strong working relationship and economic ties between the two countries.”

The Deputy Secretary of Internal Affairs, Keith Manch, welcomed the signing of the MOU. “‘It is a pragmatic document, focussed on the real world, that will support the anti-spam element of our general campaign against cyber crime,’” Mr Manch said.

Under the terms of the MOU, requests for information extend to confidential material as well as assistance for compliance and enforcement matters, while taking into account the legal, policy and administrative limits on the powers of each agency to exchange such information, the ACMA release reported.

Australia and New Zealand are also signatories of the Seoul-Melbourne Multilateral Anti-Spam Agreement, signed by regional countries in the Pacific in April 2005. Australia actively participates in international spam enforcement cooperation with over 30 countries.

Symantec has reported that Twitter is being used as bait to phish personal information:

“Spammers habitually exploit the reputations of brands for their benefit. As more and more people become connected through social networking sites, it is no surprise that the trust and reputation earned by these websites is misused by spammers. We are monitoring spam attacks this week that try to take advantage of the burgeoning social networking brand Twitter for two spam campaigns: make money fast (MMF) and dating spam.”

Yes, we have seen Twitter-ers microblogging links to Make Money Fast sites. No, we have not been lured to give out personal information.

Hopefully, others have remained far from the reach of MMF sites too.

From time to time, we check on the Spamhaus Project on its weekly reports on the world’s ten worst spammers, spam origin by country, and ISPs.

According to the Spamhaus Project, 100 known spam operations are responsible for 80% of spam received by internet users in North America and Europe.

As at 8 May 2009, the top 10 worst spammers were Canadian Pharmacy (USA), Leo Kuvayev / Bad Cow (Russian Fed), HerbalKing (India), Vincent Chan / yoric.net (HK), Alex Blood / Alexander Mosh / AlekseyB / Alex Polyakov (Ukraine), Nikhil Kumar Pragji / Dark-Mailer (Australia), Peter Severa / Peter Levashov (Russian Fed), Yambo Financials (Ukraine), Ruslan Ibragimov / send-safe.com (Russian Fed) and Rove Digital (Estonia). Previous report

The top worst spam service ISPs were tiscall.net, covad.com, vsnlinternational.com, ttnet.net.tr, relianceglobalcom.com, verizon.com, sprint.net, tbroad.com, citelecom.ci and ovh.net.

Source - The Spamhaus Project

The 10 worst spam origin countries were United States, China, Russian Federation, United Kingdom, South Korea, India, Brazil, Japan, Germany and Italy. Previous report

Source - The Spamhaus Project

Spam levels reached nineteen month high as image spams continue to flood emails.

This is the highlight of the MessageLabs April 2009 report released this week.

The report noted that with image spams making a comeback, spam levels were 85.3% in April, an increase of 9.6% over the previous month. During April, there were also 3,561 new sites blocked per day, an increase of 27.3% since March.

Image spam peaked in 2007 with emails containing image attachments, such as .gif or .jpg, said MessageLabs. These images contained text that had been rendered as an image to evade traditional spam filtering techniques that would attempt to analyze word patterns in the email.

A disturbing development among image spams, according to MessageLabs, is that the images are now being hosted on what appear to be trustworth hosting sites. With the use of redirection links from reputable sites in order to mask the true location of the image hosting, spammers are able to evade spam filters that examine the domains of the hyperlinks contained in the email.

Based on the analysis of MessageLabs, the spams contain the standard email text such as unsubscribe opt-outs and privacy links, designed to make the overall appearance seem legitimate and compliant with anti-spamming legislation.

The MessageLabs latest intelligence report also noted that the recent G20 summit held in London was the subject of a number of targeted Trojan attacks during March and April.

The attacks comprised of emails which included a PDF attachment which if opened would cause a Trojan downloader to be installed and executed. This would then download further spyware components onto the targeted computer.

Spamwatchers is dedicated as a reporting site to share with internet users and friends on how to avoid being spammed, and scammed.

It is not surprising therefore that from time to time, there are attempts to discredit Spamwatchers or some of its affiliated websites (see list).

The most common attacks against Spamwatchers include spams pretending to have been sent out by this site. The aim of spammers is to make the recipients believe that the spam was sent out by Spamwatchers, and who then complain to an anti-spamming organisation.

Spammers are not as clever as they think they are. They send out spams with the mistaken belief that most internet users are unintelligent. Most internet users can easily see through the email facade. Do spammers think that internet users will fall into a wrong belief that Spamwatchers would send out spams? Do spammers think that anti-spamming organisations blacklist a website ~ simply on the basis of a complaint ~ without undertaking a proper investigation?

Contrary to what spammers may be thinking, anti-spamming organisations are most careful in making a decision. Anti-spamming organisations recognise that the impact and repercussions of a wrong decision are severe ~ to the website against which a wrong decision was made and to them as well.

Only spammers send spam. If you receive spams supposedly originating from Spamwatchers, delete them. These are emails sent by spammers angry at us for helping anti-spamming organisations expose their practices.

Last March 19, we wrote Facebook still displaying get-rich-quick scam ads.

From information relayed to us by our friends with Facebook profiles, it looks like the ads have finally been pulled out. They have not seen those ads during the last 5 days or so.

That’s good news. Thank you.

The number of websites blocked for hosting malicious content rose to 2,797 websites per day in March, according to a MessageLabs report, a 197.2% increase over the previous month and the highest level since October 2008.

Photo: An email with images found by MessageLabs containing scripts

The report attributed the increase to a sharp increase in the number of images containing injected scripts such as Javascript or VBScript hosted in free image-hosting websites, and may potentially extend to some popular social networking sites and multi-media file sharing sites that allow users to allow upload and share pictures.

Older browsers are most likely vulnerable to this technique, the report continued. The technique can exploit a flaw in older browsers where HTML, Javascript or VBScript is appended to the end of the binary code of an image such that when rendered, the HTML and script is also executed.

MessageLabs also reported that when the image was opened in a certain environment, the embedded script could trigger a pop-up ads from a number of different online advertisement service providers. Combined with tracking technology, the pop-up ads can be customized to the user’s location and language.

In March, 20.3% of email-borne malware contained links to malicious sites, a 16.5% increase since February. Spoofed postcard mails were responsible for 14.0% of malicious links in emails during March.

Email connections totalled 4.8 billion per day in March. Spam made up 75.7 percent of all emails, an increase of 2.4% since February. One in 181 emails contained viruses (an increase of 0.03% since February) and one in 284 emails comprised a phishing attack (a decrease of 0.17% since February)

MessageLabs is a messaging and web security company which was recently acquired by Symantec.