Trend Micro's spam traps surface more Ashley Madison fake users

The bogus accounts may have been created by spammers

There hasn't been a lack of strange things turning up in the Ashley Madison data leak.

One of the latest discoveries comes from Trend Micro, which found bogus Ashley Madison profiles that used email addresses the company created solely for collecting spam samples.

The email addresses are known as "honeypots," a general term for systems set up by researchers in the hope that they will be attacked. Studying the attacks can shed light on new methods used by malicious hackers.

One of Trend's addresses was used for a profile describing a 33-year-old Los Angeles woman who is "sexy, aggressive" and "knows what she wants," wrote Ryan Flores, a threat research manager with Trend, in a blog post.

So why would someone use one of Trend's honeypot addresses to register an Ashley Madison account?

There's no definite answer but there are a couple of theories. Flores looked at the IP addresses used to register the honeypot addresses.

Those IP addresses, which were contained in the large batches of data about users, were distributed across various countries and on consumer DSL lines, Flores wrote.

About 90 per cent of the profiles, however, were male. It has been theorized that Ashley Madison may have padded out the site with fake female profiles in order to attract more male customers, so that finding doesn't quite fit.

If the accounts weren't created by Ashley Madison, there's another possibility - forum and comment spammers, Flores wrote.

"These forum and comment spammers are known to create website profiles and pollute forum threads and blog posts with spam comments," Flores wrote.

Ashley Madison didn't require non-paying users to confirm their email addresses, so there was no need for the spammers to have access to the accounts they registered.

"It leaves the possibility that at least some of the profiles were created by these spambots," Flores wrote.

Trend Micro stumbled on the finding after their honeypot addresses began receiving extortion attempts from scammers.

Following a large release of data last month, Ashley Madison users reportedly received ransom requests in order to keep scammers from revealing their information to employers and family.

Join the CSO newsletter!

Error: Please check your email address.

Tags trend microspambotsspam email. securityAshley Madison

More about Trend Micro

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jeremy Kirk

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place