Happy 4th to all our American readers! Take a minute away from the fireworks, food and fun and give thanks for the freedoms you enjoy thanks to the brave men who fought for our independence all those years ago, and to the ones who continue to defend this great country! This is a great country to live in, and the 4th is a wonderful summer holiday, but don't forget that freedom doesn't come without a high cost.

We've all gotten at least one in our inbox-an email from a foreign aristocrat of some sort, begging for your help in getting their multi million dollar fortune out of the country. In return for letting them use your bank account, they will give you a hefty cut. It a scam, a huge scam and one of the most widespread on the internet-and now the scammers have added a new twist. They use phishing tactics to take over web based email accounts and then send their spam to every address in the compromised account's address book. Read more about this new twist in Symantec's latest report, found here.

Here's a great documentary from SophosLabs that examines botnets from the inside out. Very interesting stuff!

The volume of malicious spam has tripled in the past week, largely due to the Srizbi botnet. This botnet is currently responsible for 46% of all spam sent this month. The current flood of spam isn't selling anything-rather it's delivering a payload of malware designed to add computers to the botnet. The malicious spams either tell the recipient they were caught on video in an embarrassing manner or exploit Classmates.com by telling the recipient they have a message waiting there. Depending on which scam they get, the unsuspecting user is either directed to a fake Classmates.com site or a fake video site. Once there they are asked to click on yet another link, which downloads the malicious payload. Get more info here!

The FTC has made some key changes to the CAN-SPAM law:

1. Senders can now use a P.O. Box as their physical address.

2. Nonprofits are now required to comply with CAN-SPAM.

3. Senders can not require a recipient to pay a fee or visit a website to unsubscribe from a mass mailing, and can not send any type of reply to an unsub request or require any personal info other than the recipient's email address.

4. The address in the From line is now considered the designated sender and will be held responsible for any CAN-SPAM non-compliance issues.

5. If a sender encourages the forwarding of their mailing, it must comply with CAN-SPAM rules.

Do you think these changes will have any affect on the spam problem? Why or why not?

Symantec has issued a warning about two new types of spam hitting the net. The first takes advantage of the disaster victims in China and myanmar. It pretends to be a solicitation letter asking for donations to help the victims. The link included sends the recipent to a malicious website that steals their personal info. The email reads:

The fraudulent email reads: "If you wish to contribute to charitable causes, it is important to verify the legitimacy of any email or Websites you may want to use when donating money. Donations should only be made via secure websites, which is usually indicated by the use of a padlock icon displayed in a corner of the browser."

The second type of spam hypes products claiming to increase gas mileage. The products claim that if purchases they will allow the customer to fuel their car with water. Obviously these are complete scams!

The Storm Worm is back folks. That's right. The monster botnet security experts and researchers thought was dead has roared back to life. In the last 24 hours it has sent out over 8 million spam messages. Anyone who falls for one of them will have their PC added to Storm's network of zombie computers. The newest spam messages sport subject lines like "Obama Quits Presidential Race", "Statue of Liberty Catches Fire", and "Britney Spears Found Dead". All of them contain a bogus link to PornTube, the adult version of YouTube. The fake site is hosted on group of hacked servers and when someone clicks on the link, they get a pop up saying an active x control must be installed in order to view the videos. What actually downloads is a malicious trojan that adds the infected computer to Storm. It just goes to show that you should never underestimate the cyber underworld!