Security experts are perplexed over a new spamming technique in which victims receive emails that appear to be coming from themselves.
Only numbers appear in the subject line and letter body – often three and four digit combinations – but the messages are not believed to be malicious, according to a report on the SANS Internet Storm Center website.
So far, experts are unsure what to make of the new spam. But Finnish anti-virus vendor F-Secure suggested on its blog that the mass emails could be the work of a botnet herder.
"It might be (him) checking the quality of his email lists, finding which messages bounce and which don’t," said Mikko Hypponen, F-Secure research chief.
According to SANS, the spam could be a precursor of another Bagle worm variant.
"There is a possible link to Bagle seeding as it was done in the past, and we might need to expect a new variant of it soon," said Swa Frantzen of SANS
Another possibility: The emails might be the work of "old-style hackers" who were spurred to action by today’s date of June 6, 2006 (6/6/6), which symbolizes the number of the beast or anti-christ.
SANS suggested network administrators "investigate if you can drop email that appears to be from your own organization while originating outside of it. If your users do not send such email…dropping that email might cut down on a few spams."
