I’ve noticed a dramatic increase in a specific type of spam, over several accounts, over the past couple of days. Here is the format:

——– Original Message ——–
Subject: It’s Miranda 🙂
Date: Wed, 8 Nov 2006 22:35:26 +0180
From: Miranda Arias
To:

Our Hottest pick this year! Brand new issue Cana Petroleum!

VERY tightly held, in a booming business sector, with a huge publicity campaign starting up, Cana Petroleum (CNPM) is set to bring all our readers huge gains. We advise you to get in on this one and ride it to the top!

Symbol: CNPM
Current Price: $2.95
Projected Price: $11.40

Check the stats! Check the level 2! Imagine what this one will do when the full force of the PR campaign hits it, in conjunction with smashing news!

Major oil discovery? We are not permitted to say at this point. All we can say is that this one is going to see amazing appreciation in a very short
period of time! This is your opportunity. Win big with CNPM!

Not only do I not care much about the stock market, I certainly wouldn’t take random stock tips via email. It really upsets me that tactics like this work on people. I say these tactics work because if there wasn’t a market for this type of direct advertising then people wouldn’t use it.

I found this interesting calculator which puts a dollar value on the lost productivity incurred per user.

I also found this link to “Spam Economics“

• Made PostgreSQL escaping functions in PostgreSQL and PDO extension keep track of character set encoding whenever possible.
• Added allow_url_include, set to Off by default to disallow use of URLs for include and require.
• Disable realpath cache when open_basedir and safe_mode are being used.
• Improved safe_mode enforcement for error_log() function.
• Fixed a possible buffer overflow in the underlying code responsible for htmlspecialchars() and htmlentities() functions.
• Added missing safe_mode and open_basedir checks for the cURL extension.
• Fixed overflow is str_repeat() & wordwrap() functions on 64bit machines.
• Fixed handling of long paths inside the tempnam() function.
• Fixed safe_mode/open_basedir checks for session.save_path, allowing them to account for extra parameters.
• Fixed ini setting overload in the ini_restore() function.

Didier Stevens has released a new version of his OllyDbg plugin called OllyStepNSearch.

About OllyDbg:
OllyDbg is a 32-bit assembler level analysing debugger for Microsoft® Windows®. Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable.

More information can be found here.

About OllyStepNSearch:
This plugin allows you to search for a given text when automatically
stepping through the debugged program.

When the plugin is enabled, it will step automatically through the debugged
program once a step command (like Step Into) is issued.

More information can be found here.

Here is a movie of this example on YouTube, a High Res (XviD) version can be found here.