Investigating clever scamming techniques and their evolution
by Mirko Zorz - Editor in Chief - Tuesday, 22 January 2013.
May 2012: Custom Rainmeter skins (which provide added features and functionality on the desktop) are popular downloads on the deviantART website, combining graphics and a little coding skill which seems like a natural fit for a website showcasing user-created artwork. However, malware writers decided to hammer the deviantART site with a spamrun of malicious executables claiming to be skins based on recent movies, games and cartoons. It combined the most common and successful elements of spamruns on other sites - targeting the most current aspects of pop culture - with a userbase likely unfamiliar with these kinds of tactics.

How have scams evolved compared to a decade ago? Are we nearing a time when we'll see mostly highly targeted scams?

Many of the scams seen today are identical to the ones seen many years ago - for every profile stalker seen on Facebook, you can point to ancient Myspace fakeouts. For every semi-intelligent 419 missive, you can dig out a mail from 8 years ago still in circulation. One of the biggest differences is that a lot of the old adware vendors have gone out of business or moved into other areas and the creators of the files have become a lot harder to track down and switch off at the source.

At the same time, legislation hasn't really moved on and for the most part simply cannot hope to tackle the bulk of the malware attacks taking place.


One of the most interesting things about targeted attacks now is how people up to no good are trying to shut researchers out of the equation - witness the recent phish kit that blocks anybody but the email recipient out of the phishing page. It's taking an old technique - detecting whether your browser is IE or Firefox then sending you to a targeted Fake AV download - and applying it in a new way. You'll also see a similar tactic at work should you visit a mobile device scam with a non-mobile browser agent, and I'd be surprised if they don't try to refine this process further.

Although in decline compared to targeted scams, a great deal of the swindles we see contain glaring grammatical errors and clearly don't look legitimate. Yet, a great deal of people end up duped into giving their personal information and even money to the scammers. What makes people ignore the warning signs and just comply with the request?

There will always be a good chunk of people online who simply don't know a thing about scams or confidence tricks, and a paper published by a Microsoft researcher suggested that stating a 419 scammer is from Nigeria helps to "self select" targets, because only targets (or 419 baiters) would actually take the time to reply to such an obviously fraudulent missive.

Outside of 419 scams, people simply want to believe that you can get something for nothing. One of our blogs that draws the most user comments is one detailing the workings of a free Microsoft points scam; 90% of the comments are from people so desperate for freebies that they apparently disregard reading the article in favor of asking us how to get free points instead. We see a similar pattern whenever we write about a "something for nothing" scam, so clearly there's a ready and willing melting pot of end-users willing to take a chance with little or no thought for the potential consequences.

Copyright 1998-2013 by Help Net Security.