Charles Anderson told El Reg he received an email from a “Gladlord Mohammed” informing him that “i have being paid $200,000.00 in advance to terminate you with some reasons listed to me by my employers.”

However, Mohammed continued: “i have followed you closely for one week and three days now and have seen that you are innocent of the accusation.” Thus, Mohammed had decided to pass up the contract on Anderson–if he agreed to hand over “$50,000.00 to the account i will provide for you.”

Once Anderson had paid money and met with Mohammed, the hired gun said he would hand over the tape that contained the information on the contracted kill. That information would “be enough evidence for you to take him to court (if you wish to), then the balance will be paid later,” Mohammed wrote.

Anderson was told to keep quiet and not contact the FBI or the police. The assassin reminded him that “I have your picture with me and other vital information. I was hired with my team from Yemen Arab Republic down here. So you don’t need to ask any question. Deal/No Deal?”

Anderson, a software engineer, concluded the email was a scam and simply pressed Gmail’s “Report Spam” button.

“It’s the first scam I’ve ever received that tried to intimidate me into handing over money, rather than just playing on my greed and stupidity,” he told El Reg. “Is this the start of a trend, or have I just been lucky so far?”

Photo: hilltoptreks.ie

Reported instances of cyber crime are on the rise in Switzerland, according to Swiss authorities. The reported incidents increased by approximately 1,000 between 2008 and 2009.

In 2009, 7,541 instances were reported, most of which dealt with spam and pornography. Complaints surrounding pornography grew dramatically to 1,364, while spam remained steady at 1,496.

Instances of fraud also nearly doubled to 354, predominately as ads and fake apartments. The Swiss Coordination Unit for Cybercrime Control has opened 155 cyber crime investigations, up from 29 the previous year. Authorities also said partnering with Italian authorities helped to track down and remove thousands of child pornography.

Researchers with F-Secure say the “People You May Know” section of Facebook appears to utilize search history in providing options for possible new connections.

“I frequently search for spam related keywords, and today, two spam accounts were recommended to me,” research Sean Sullivan writes.

By searching deeper, Sullivan was able to find a series of spam accounts created on the same date.

“All of the profile pictures are of attractive young woman (and one of Kim Kardashian),” he writes. “Several of the photos appear to be of Ukrainian models, based on a reverse image search.”

According to research by security firm M86 Security Labs, spammers are buying dozens of domains at a time and moving from one to another as often as several times a day to avoid getting shut down. For years, spammers have been buying domains in bulk and using them for both redirections to other sites and for locations to set up quick e-commerce sites. Anti-spam services and email filters usually use static lists of known malicious domains, or ones known to be used by spammers.

According to Kaspersky, that initial approach worked well in the fight against spam; lately, however, spammers have begun using more devious and effective tactics. The new M86 research looked at 60 days worth of data from M86 customers and found that more than 70 percent of the domains used by spammers are active for a day or less

In 2010, malware levels never rose above 3 percent of all spam, even on days when malware spam increased. In June, however, malware spam made up almost 12 percent of all spam on the 13th, and topped 5 percent on the 3rd and 15th.

Phishing numbers also increased in June with approximately 25 percent. Phishing websites created by automated toolkits has an increase of 123 percent from May. The number of non-English phishing sites also grew by 15 percent. Among non-English phishing sites, French and Italian continued to be higher in June. Phishing in French increased by one-fourth mainly in the E-commerce sector.

Three of the most commonly used subject lines used by spammers include a blank subject line, “Outlook Setup Notification”and “Reset your Facebook Password.”

Symantec’s report also noted how the United States continues to be the leading country of origin when it comes to spam, followed by India and the Netherlands. The United States also remains the top location for phishing lures and and phishing hosts.

Holidays such as St. Valentine’s Day, Thanksgiving, Halloween and Christmas are occasions that receive a great deal of attention from spammers. Newsworthy events, including celebrity deaths and natural disasters as well as major sporting activities are also popular themes, and the FIFA World Cup is no exception, the report noted.

While spammers often re-send the same spam emails, they include the latest news headlines either in the subject line or somewhere in the body to catch attention of the recipient and increase the likelihood of the message being opened.

Taking advantage of the FIFA event, spammers are using soccer-themed keywords to hawk pharmaceutical products or counterfeit watches and jewelry with subject lines such as “20-hour wait in World Cup ticket line” and “Inter Milan win Italian Cup.” The body of the email will often contain poorly worded sentences crafted to lure the recipient of click on the links embedded.

There are times when spammers spend more time on their campaigns and send out emails that are more individualized but with a touch of 419 scams. A recipient may receive an email saying, “Your email address has been selected as one of the winners of the Nelson Mandela Foundation/Fifa 2010 World Cup Lottery Draw. Kindly review the attached letter for instructions on how you will claim your prize.”

This method of composing somewhat personal messages is much more difficult, so spammers usually go for the simpler, highly automated, “insert subject here,” “or add some text here” approaches. For spammers, it is an easy task to create automated scripts to tinsert relevant keywords and include them in their latest spam campaigns. However, because 419-style spam is done manually, it can often be the most difficult to recognize as it is designed to trick, scam, steal, infect and deceive, Symantec warned.

Researchers at Sophos Labs have discovered the low-yield campaign which targets government users with enticing subjects like “Report on Defending and Operating in a Contested Cyber Domain” and “RE: Al-Qaeda in the Arabian Peninsula.”

“Unlike some of the other Zbot runs we’ve seen, this current run is relatively low volume,” writes Savio Lau, a SophosLabs Canada researcher, in a blog post. “Nevertheless, this trickery by the Zbot crew is not new. They’ve tried to spoof other agencies such as the NSA back in February, going as far as coming up with a spam run that “reports” on their own attacks.”

The emails contain links to the supposed reports, which actually are zip files containing the Zeus Trojan.

“Even if you do work for one of these agencies, there should be no reason you would be receiving weblink reports in this fashion,” Lau writes. “Users should have no trouble avoiding these spam campaigns as long as they remain vigilant.”

“The attack was on the Indonesian government Web server,” Dmitry Bestuzhev of Kaspersky Labs, writes. “The gang behind the attack put a defacement on the hacked Web server clearly related with the World Cup activities.”

The hacked website features the World Cup song and appears more nationalistic, similar to those hacks perpetrated by Chinese, Russian or Iranian hackers when their nations’ are criticized. The only difference is, this hack is related to sport.

“It’s still just a small percentage of spam overall (under 2%) but when comparing the first three days from the last six months, we see a doubling in volume and 74 times the number of hits on related keywords from January to June,” F-Secure’s Sean Sullivan writes. “As the tournament continues from June to July 11th, we expect to see more related threats. A good example? SEO poisoning.”

Federal Commercial Crimes Investigations Department (CCID) head Datuk Koh Hong Sun said that the group was part of a larger SMS scam ring that was broken up last year  in Malaysia’s Tawau province.

Police seized four laptops, 73 mobiles, 41 accounting ledgers, ATM and credit cards and RM6,000 ($1,800) in cash in the raid.

“Each laptop is able to send out up to 1,000 SMSes a day,” Koh said. “Once the victims responded to the SMS, the syndicate would then tell them that they could only collect the cash prizes if they deposited a certain amount of money in a certain bank account.”