Aug 23 2007
As Brian Krebs points out, the Groucho Marx comment, “I don’t want to belong to any club that will accept me as a member” captures the spirit of the latest round of the Storm worm emails. Following the simple rule of “if you didn’t ask for it, don’t open it” applies to these club membership spams just as well as it does to attachments. I have to give these guys a little credit in saying that this is a new twist of social engineering that will probably get them some good results. At least for a little while.
The list of clubs or online services these spams refer to is around 30 as of today, but you can be certain that it’ll keep growing as people catch on to the first wave of fake services. But the problem with these worms is that they’re easy to update, so new face services will be added quickly, I’m sure. Another annoying aspect of the Storm worm is that it changes it’s binary every 30 minutes, making signature based detection that much harder.