Yesterday I ran across an identity fraud technique that I see several times a year. This technique is highly targeted towards a specific individual, and is difficult to block in its entirety. It’s also difficult to understand if you have no idea what is happening. I call it the DSD Technique, standing for Distributed Spam Distraction Technique. It hasn’t quite caught on yet, but you never know.

So here’s the scenario, you’re just minding your own business checking your email, maybe doing some work, when all of a sudden your inbox begins to fill with hundreds upon thousands of spam emails whose contents are nothing but mash-ups of words and phrases from literature. There are no links to follow, no hidden JavaScript, no pictures or advertisements, just words. Every email is different as well, nearly perfectly randomized, though if you comb through them carefully, you will begin to see some repeated content. The emails themselves are obviously botnet delivered too because all of the senders are different, usually freemail providers, the sending IPs are all different, and the rate at which their arriving would make one’s head spin.

After a blast lasting anywhere from 12 to 24 hours an inbox will receive around 60,000 of these benign seeming annoyances, and then suddenly they’ll just stop. After the binary dust settles you’ll wonder what the point was. While it certainly makes it nearly impossible to use your email, it actually had one specific goal in mind, distracting you from your actual valid email. The people behind this spam blast have somehow obtained personal account information for their target as well as their proper email address. In order to hide account transaction information confirmation emails, such as purchase receipts or balance transfers which now arrive instantly via email, the attackers, just before they make the illegal transactions, turn on this deluge of spam email in order for these very important emails to get lost in the flood. Once the bad guys are done with their activities they’ll stop the flood.

The best thing to do if someone notices this happening is not to try to monitor their email, but instead go directly to their account(s) activity. Possibly give any that may be at risk a call in advance. Which may sound daunting, but not as daunting as sifting through tens of thousands of emails over a 24 hour period waiting for the one with the clue. These often need to be caught fast so that they can be stopped at the financial institution before they’re finalized. Play it safe and if something seems fishy like in this scenario it probably is. Good safety precautions when preforming any transaction online is key to help prevent things from getting to this point to begin with.

ddt4 resized 600

Have a thought on this article? Share it here.