Is the torrent of spam emails in your inbox finally going down? Maybe a little bit, based on some recent studies reported by the New Scientist magazine.

E-mail filtering firm MX Logic reported that spam accounted for 68% of emails passing through its network in 2005.

Ummm… that was the good news, actually.

Why good news? Because that’s down from 77% in 2004.

Not only are fewer spam messages being sent across the internet, it appears that spam filters are working better than ever. An FTC test showed that “two free web-based ISPs’ anti-spam filters effectively blocked almost all spam sent to e-mail addresses that FTC staff had posted on the Internet.”

In other words, if you’re not using a spam filter of some kind, what are you waiting for?

A U.K. 17-year-old risked life and limb by removing a fake fascia of an ATM machine. The nearby crooks gave chase and the hero, Luke Bridges, had to run for his life.

So what was the reward for this daring-do? A pocket calculator…

Maybe that would have been a cool gift in 1978, but I’m guessing it only cost the bank around a dollar and looks like one of those free giveaway items.

The bank, NatWest, reiterated in a statement that no one should risk removing one of these devices:

“We would never encourage anyone to put their safety at risk by attempting to remove any such device. We advise anyone who notices anything unusual about a cash machine to report it to the bank or the police immediately.”

Probably good advice. In any case, the story gives you a good look at what these PIN skimming devices look like. Pay close attention to the machine whenever you go to use an ATM.

Read the whole story…

ING Direct USA is doing its best to thwart keystroke logging software by using a web-based numeric keypad.

Since a secure connection won’t protect you if a keystroke logger has been installed on your computer, ING Direct is using the keypad to keep you from having to enter your numbers from your keyboard. This will keep you typing in your account number and password and hopefully, keeping it from being tracked by thieves.

If your bank isn’t using a strategy like this you should request it - it’s a great idea!

Here’s what it looks like:

See it in action on the live ING Direct web site

See the actual scammy W-9095 tax form.

This scam has been around for a while, but always seems to resurface, especially around tax time.

The scam involves fake IRS forms, usually titled W-9095 or W-8888. It begins with a letter in the mail requesting that you fill out the fake form and then fax it back to the given fax number. If you don’t fill out the form and return it in seven days, they say you’ll lose an important tax exemption.

The form itself doesn’t miss any of the juicy tidbits of your financial life. It asks for:

- Name
- Address
- SSN
- Mothers Maiden Name
- Date of Birth
- Bank Address, Account Number, and PIN

They don’t miss anything, do they?

Be smart and keep your eyes open for this scam as you scurry to finalize your taxes this year.

Evidently a spam email message has started to circulate telling people they’ve been randomly selected to receive millions of pounds from Princess Diana’s Memorial Foundation.

Ummm… right.

Here’s the content of the email:

Okay, it didn’t say “Blah, blah, blah…” but it might as well have.

This is a simple “West African advanced fee” a.k.a. “419″ scam. You reply. They say you need to send money in order to get the millions of pounds, dollars, francs, liras or whatever. You send some money, maybe your bank account number, maybe your SSN. They take your money and ask for more. Maybe they steal your identity. Maybe they sell your information to someone else.

It’s all described in detail here.

Just use your head.

Last time I checked memorial foundations exist to collect money - not give it away to random people via email.

F-Secure, a Finnish security company has been able to crack the code the Sober worm was using to update infected machines with new variants.

Here’s how the worm works:

- a computer is infected with the worm.

- on a certain date the infected computer tries to “phone home” to receive new code from the worm creator.

- all infected computers able to reach the proper web address are infected with an updated variant of the worm.

Mikko Hyppönen, Chief Researcher at F-Secure described it this way:

“Sober has been using an algorithm to create pseudorandom URLs which will change based on dates. Ninety nine percent of the URLs simply don’t exist … however, the virus author can precalculate the URL for any date, and when he wants to run something on all the infected machines, he just registers the right URL, uploads his program and BANG! It’s run globally on hundreds of thousands of machines”

If the security experts could determine the web address the worm was looking for it could be blocked and the worm would be deprived of new code. The problem is the virus and worm creators are a devious and crafty bunch and they don’t make it easy to deconstruct what they’re doing. Not crafty enough for F-Secure, evidently.

Read how F-Secure cracked the code and the list of potential download sites for new code.

Just to get an idea of how wonderful these worm creators are, here’s a quote from F-Secure’s blog:

Last thing: Several earlier Sober variants (most notably Sober.Q) have been sending out Neo-Nazi propaganda messages. According to iDefense, the activation date of January 5th is an anniversary date for the Nazi party.

Great. Neo-Nazi worm authors. What did Indiana Jones have to say on the subject? “Nazis. I hate these guys.”

Is your computer a zombie? Not sure? Is your virus scanning software up-to-date? Have you even installed a virus scanner on your computer? No???

If not, your computer may be a zombie that is spreading a particularly nasty worm naed “Sober” to thousands of computers worldwide.

Evidently some zombie computers are blasting out thousands of emails that purport to come from the FBI, of all places.

Have you received one these emails from the FBI or CIA recently? It should have looked something like this:

Of course the attached file wasn’t a list of questions from your local G-man but a file infected with a new strain of the Sober worm.

The worm was being sent out via zombie machines infected with earlier versions of the worm. E-mail security vendor MessageLabs said it blocked more than 2.7 million e-mails in the first 24 hours of the outbreak. Man those zombies are working overtime!

ZoneAlarm Security Suite picked up the worm on my machine and removed it before it did any damage. Do you have an updated anti-virus running on your machine? If not, you could be one of those zombies pumping out thousands of worm-ridden emails without even knowing it.