Saturday, September 26, 2009

Blonde spammers

Have you ever received an email by beatiful blonde girls that you don't know? And they want to know you, to get one of your photo to know you better.

Maybe you asked yourself how a beautiful girl you don't know have got your personal email and why she wants to know you if you have never seen her.

Strange story... collecting some of these emails can give us some answers.
Collecting them showed one thing first of all, all the collected emails shows blonde girl, why don't a brown one?

Maybe seeing a blonde andid and innocent girl get your defenses low, so you wouldn't think about the risks that poses replying such an email.

Let's get a deeper look at some of the images received with the emails:

some exif data tells that gd-jpeg has been used to create the images, gd is an open source graphics library with bindings for lots of programming languages (some other images found have less suspicious exif data).

so we got another question now... why would a girl use a graphics library?

Get all the questions togheter and we can say that this email can be:
  • a fraud
  • a way for spammers to see if the email is active
  • a try to steal sensitive informations
this case should make think about the different treats that an attack can pose even with a simple email and the collaboration of the victim.


No comments: