This batch is NOT from the Paul campaign, but security firms warn that political spam pitching candidates and causes is going to be huge in coming months.
Sunday, November 4, 2007; 12:19 AM
Spam supporting presidential hopeful Ron Paul filled inboxes this week as zombie computers spewed thousands of messages to recipients, according to spam experts. The spam supporting Paul was sent using the same illegal spam methods used to distribute masculinity enhancement products and pump-and-dump penny stock schemes.
Experts suggest getting used to it. They expect that during this election cycle things are going to get ugly as campaigns, spammers, unruly supporters, and even rival camps use blogs, inboxes, YouTube videos, and search engines to spam the vote.
In this case, theRon Paul 2008 Presidential Campaign Committeevigorously denies sending the spam, approving its distribution, or having any ties to its senders. Security experts analyzing the deluge agree the official organization is likely not the source.
Or, as everyone discussing the deluge noted, the spam may have been sent by someone trying to make Paul look bad by associating him with spamming.
"It's a tactic that we've seen many times in the past," says Sam Masiello, director of threat management at e-mail security firmMX Logic. "We just didn't expect to see it start happening so early this year."
Security experts contacted report seeing this week waves of identical spam that supports candidate Paul. In each instance, the spamwas sent using a botnet, which is a network of hijacked consumer or commercial PCs that are often used surreptitiously by hackers to send spam.
MX Logic's Masiello says the spam messages sent on Paul's behalf didn't contain malicious surprises
Instead, the Ron Paul spam contained only written requests to support Paul's presidential bid. E-mail subject lines of the spam messages featured various come-ons, such as "Who Is Ron Paul?" "Ron Paul Eliminates The IRS!" and "Ron Paul Wins GOP Debate!"
"We suspect an overzealous and well-intentioned Ron Paul supporter sent these messages," says Jesse Benton, spokesperson for the Ron Paul 2008 Presidential Campaign Committee. Benton suggests the spam may have been sent by someone interested in discrediting Paul by associating his campaign with spamming.
A Paul spam surge was spotted Monday by several security services, includingSophosLabs, which quickly began blocking the messages. MX Logic tracked the spam coming from hijacked PCs from Europe, South America, and Australia. The security services say volumes of Paul spam have dropped considerably by Friday.
What is unique about the Paul spam is that it doesn't try to entice the recipient to do anything, such as visit a page loaded up with malware. It's a common tactic of virus-spreaders or phishers to lure recipients into opening an enticing message with a spoofed return address--inviting them to donate money to California fire victims, for example, and instead harvesting the credit card information for nefarious purposes. That kind of spam could cause a backlash on Paul, even if his campaign had nothing to do with it.
Security experts expect political spam will soon be used to carry more than political messages. Representatives of Internet security firmSonicWallsay they have already seen political-themed spam used to entice people to open messages containing links to viruses and wormsincluding the so-called Storm worm.
Click to view image: '116143-images.jpg'
|Liveleak on Facebook|