Experts at SophosLabs have identified an attempt by internet fraudsters to damage the reputation of a website designed to fight online money laundering.
Bobbear is a British website designed to inform the community about websites set up by gangs stealing money from innocent internet users. Emails sent by the criminal gangs often claim to offer lucrative earnings to those recipients who agree to move money in and out of their bank accounts on behalf of a financial institution.
A spam email campaign, intercepted by Sophos, attempts to tarnish BobBear's reputation by asking for money to be donated to the website via online payment service e-Gold. However, Bobbear makes clear on its website that this campaign is a spoof, as it never sends spam and never asks for donations.
Part of the email, which includes an e-Gold account number, reads:
MAKE DONATION TODAY! Donate for website which fights with money laundry and child porno please!! bobbear.co.uk is working for your calm!
The fraudulent email asks people to send money to an e-Gold account to support Bobbear.
"Clearly the good people at Bobbear have upset the bad guys. The criminals have retaliated by trying to smear the website by sending spam in Bobbear's name and asking for donations. Innocent people might be tempted into contributing in the fight against internet child abuse and money laundering, but the only pockets they would be filling belong to the criminals themselves," said Graham Cluley, senior technology consultant for Sophos. t's a dirty trick by the cybercriminals to try and undermine an organization that is actually doing something positive to make the internet a safer place. All email users need to learn to be suspicious of unsolicited emails and not take everything they read at face value."
"I'm grateful to Sophos for their support in this incident. The website Bobbear.co.uk exists to publicise criminal fraud on the internet, to fight criminal fraud on the internet, to offer victim support and to offer a one-stop website for evidential data on the major frauds as an aid to abuse reporting. It also offers information on zombie botnet construction and abuse reporting techniques. The whole ethos of the site is that it is purely voluntary and does not accept donations," said Bob Harrison, administrator of Bobbear. "The fact that criminals have chosen to attack the site shows we must be doing something right."
In April, Sophos reported that the Department of Justice alleged that the owners of e-Gold allowed their service to conduct fund transfers despite knowing that the money being moved was the result of illegal activity such as credit card and investment fraud and child exploitation. The indictment further alleged that e-Gold was operating without a license and without registering with the federal government, violating money transmitting laws.
Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend against the threats of spam, hackers, spyware and viruses.
Sophos is a world leader in IT security and control. Sophos offers complete protection and control to business, education and government organizations - defending against known and unknown malware, spyware, intrusions, unwanted applications, spam, policy abuse and uncontrolled network access (NAC). Sophos's reliably engineered, easy-to-operate products protect over 100 million users in more than 150 countries. Through over 20 years' experience and a global network of threat analysis centers, the company responds rapidly to emerging threats and achieves the highest levels of customer satisfaction in the industry. Sophos is a global company with headquarters in Boston, MA, and Oxford, UK.