Back to school for spam victims

Russian spammers are targeting thousands of Australians with a work-from-home Web training scam, security experts warned on Monday.

The fraudsters are offering a free two-week Web learning programme, purporting to be held by financial services company Credit Suisse, in which students can graduate in basic finance skills.

According to antivirus company Sophos, the programme invites its victims to sign up for the scam in the aim of recruiting staff for Credit Suisse. But the catch comes in the second week, when students are asked to transfer some of their money as part of an exercise.

"They lure you with a false sense of security," said Graham Cluley, senior technology consultant at Sophos. "Its intent is to defraud innocent computer users out of their savings. [The UK's] spam is usually things like Viagra and Rolex watches, but Russian spam tends to be about training courses and business opportunities."

The Web site that linked to the scam, which has already been shut down, was hosted on a .de Internet address. The Web site had been bought with a German credit card, which is believed to have been stolen and used by Russians, Cluley said.

"Scammers are getting more sophisticated in the way they attempt to steal money from innocent Internet users," he added. "This campaign involves luring people who may wish to generate an income from home into signing up for a fake training course that may teach them a very expensive lesson."

Last week, research from security company CipherTrust showed that most phishing emails are sent from one of five zombie armies of computers, otherwise known as botnets.