Wednesday, December 21, 2005

Spamming For Vigilante Justice

Worms propagating through emails use different techniques to lure unsuspecting recipients into opening an attached document, a new worm replica, that emails itself further and further.
Most worm writers create their email content with Social Engineering in mind. The latest headlines, for example, discussed a Sober worm variant that tries to frighten you into opening an attached "questionnaire" by mentioning that it was sent from the FBI offices after your computer's IP was detected at illegal web sites. Here's an example -

Dear Sir/Madam,
We have logged your IP-address on more than 30 illegal
Web sites.
Important: Please answer our questions! The list of questions are

Yours faithfully,
Steven Allison
Federal Bureau of Investigation

The FBI was so concerned by this worm that they've actually rushed to issued a warning on their website.

Now for the punch-line. It appears that a slightly revised version of the above email, caused an alleged pedophile in Germany to hand himself over to the local police after mistaking the automatically generated worm text as an official warning that he was under investigation !

Amazing, though I was somewhat annoyed to see that the different newspapers tried to spin this as the doings of a nice worm writer, while the only intent in the emailer's mind was to cause as many people as possible to install the worm.

On the other hand, that does raise an interesting idea, an experiment of sorts. Suppose someone really tries to call for vigilante justice "the Sober way". He writes the following email and send it to millions randomly selected email addresses across the globe.

You thought you'll get away with this, but guess what ? I've got
it all on tape !!!
Now here's the deal. As much as I'd like to see you rot in jail for the
rest of your life, I'll graciously give you exactly 24 hours to do the right thing and turn yourself in, before I'll make the tape public and your sentence will be
much more painful.

This is my first and last warning and you know I'm not
joking !

Your 24 hours start now -- You know who

What do you think will happen ?


