Spammers learn from Tom Sawyer

November 2, 2007

This is funny, scary and sort of sad all at once. You’ve all seen those boxes that display fuzzy images and ask you to type what you see before you can log in to some service. These are known as CAPTCHA blocks, and they make it very difficult for robot programs to access things like web mail accounts.

Spammers got smart. They set up a ‘virtual stripper’ that appears to a visitor and asks them to solve these little human verification keys. Every time the visitor solves a CAPTCHA (rather easy for humans), the stripper (named “Melissa”) removes another piece of virtual clothing.

By using the results of solved CAPTCHA keys, spammers are able to use robot scripts to (once again) send out billions of SPAM e-mails from services like Yahoo, Hotmail, etc.

I’m reminded of Tom Sawyer, who was punished on a holiday and made to whitewash (paint) a fence by his Aunt Polly. Tom was able to fool his friends into doing the work for him by making it seem like being able to paint a fence was an esteemed privilege that should be coveted and held in high regard.

If social engineering has gotten THIS easy, we’re doomed. Just be glad that the spammers did not recruit human models from poorer countries. Why do I get the sinking feeling that using real models will be the next trick? Most spammers have rather large botnets; I’m sure the bandwidth to do it is at their disposal.

More about this at Liquidmatrix if you’re interested.


