New threat - DSD smokescreens of spam

By Peter Lambert | July 29, 2019

1907_dsd_cyberattack_i842133980

A sudden influx of spam may not be a simple annoyance but a warning sign that you are under attack, thanks to a new technique used by hackers known as distributed spam distraction (DSD).

DSD is used to hide important security messages amongst piles of annoying spam. Read on for details.

Understanding DSD

Distributed spam distraction (DSD) is designed to inundate your inbox with thousands of nonsensical emails. There are no dangerous links, ads, or attachments involved, just random excerpts of text stolen from books and websites. What’s worse, the email and IP addresses used are all different, so victims can’t simply block a specific sender.

These attacks last anywhere from 12 to 24 hours and can flood inboxes with as many as 60,000 messages. While they may seem like harmless annoyances, the true purpose of DSD is to draw victims’ attention away from what hackers are doing behind the scenes.

What hackers are doing is exploiting your personally identifiable information (PII) to make unauthorised purchases or pilfer cash directly from your accounts. The DSD acts as a sort of smokescreen to hide payment confirmation messages behind a deluge of spam messages.

Related blog: Keep your email safe

New tactics

Over the years, hackers have developed new tactics involving DSD. Several reports have shown that, instead of nonsensical emails, hackers are using automated software to have their targets sign up for thousands of free accounts and newsletters to distract them with authentic messages. This allows DSD blasts to slip past spam filters that have been designed to weed out malicious code and gibberish text used by traditional DSD attacks.

What’s even more worrying is that any ill-intentioned individual can go on the dark web and pay for DSD services. They just have to provide a hacker with their target’s name, email address, and credit card numbers — all of which can also be purchased on the dark web — and pay as little as $40 to send 20,000 spam messages.

How to stop it

DSD is a clear sign that your account has been hijacked, so whenever you receive dozens of emails in quick succession, contact your bank to cancel any unfamiliar transactions and change your login credentials as soon as possible. It’s also important to update your anti-spam software (or get one if you still don’t have one) to protect your inbox from future DSD attacks.

Hackers only initiate DSD attacks after they’ve obtained their target’s email address and personal information, so make sure your accounts and identity are well protected. You should regularly change your passwords and pins, enable multifactor authentication, set up text alerts for whenever online purchases are made in your name, and be careful about sharing personal information.

Does the threat of DSD concern you?

For more tips on how to deal with DSD attacks and other cyberattacks, give us a call on 1300 307 907 or contact us via the form below.

 

Contact us today

 

 Published with permission from TechAdvisory.org. Source.

TAGS: Business Value, News and General, IT Security

About the Author
Peter Lambert

Marketing specialist and technical blogger @ Diamond IT - I have over 25 years of experience in Information & Communications systems. My range of skills is diverse and includes extensive experience in desktop solutions, server and network presales and administration, VOIP phone systems, journalism, creative writing, technical writing, digital videography and audio visual streaming. I hold a Certificate IV in Training and Assessment, and I am an experienced classroom trainer and course coordinator. I hold an Advanced Diploma in Network Security, a Diploma in Network Administration, and a Certificate IV in Networking. I am a Cisco Certified Network Associate (CCNA) and Microsoft Certified Solutions Associate (MCSA).