When a colleague sent me a forwarded e-mail that purported to be from Kanye West, I assumed (as did my colleague) that it was a spoofed message using social engineering to trick people into double-clicking the attachment and installing malware.
But then I read an account from Dan Goodin at The Register that says the singer is fighting hackers who have taken over his Twitter, Gmail and MySpace accounts. And sure enough, this e-mail purports to be from a gmail.com account.
I don't have the full message headers to bring my paltry tech skills to bear and try to figure out if this was spoofed or actually sent from Kanye's account, but here's the message:
From: Kanye West <----------@gmail.com>
Date: Tue, Jan 27, 2009 at 1:26 AM
Subject: Re: Me and Lilly
To: TBG <-----------@gmail.com>
nooooo, only 2 days? make sure to contact me before the session we have to discuss "spaceship" i will upload them when i have time.
On Tue, Jan 27, 2009 at 1:16 AM, TBG <----------@gmail.com> wrote:
I need the ones from the show the night before. Yeah They Did a piece, Relay the message to Warren for the mail. Also the mixed version I need because I am meeting with John tomorrow, he is only in town for 2 days.
On Tue, Jan 27, 2009 at 1:11 AM, Kanye West <-----------@gmail.com> wrote:
The rest of the pictures will be in your inbox for tomorrow. Congrats I read Your piece on MTV.COM
Attached was an .mp3 file titled Rough_1.mp3. I uploaded it to Virustotal.com to see if any antivirus programs might raise the red flag, but none of the engines there found a problem with the file. And unfortunately, I don't have a test computer with sound to run this on right now (no way I'm opening it on my regular Windows PC).
But I did manage to find a song title and artist name for the file, and a little Googling turned up a MySpace profile of that person and song. I don't want to link to the page, because this now makes it look like the purpose of the hack and spoofed message was to push someone else's music. Social engineering for profit, but with no Trojans or other malware involved. That's something, at least.
Of course, I could be wrong. There might very well be malware involved here - and if not now, later. So be extremely careful if you get an e-mail purporting to be from Kanye West with an attachment or link. But for now, it looks like it might just be marketing fraud.
Update: Here's some support for the "It's a marketing scam" theory. A follow-up message from the same address read as:
Unaware as to how you may have receive one of my emails, thank you for respecting my messages. As for the rough version of the song, it is out there now, so you may use it for personal use or have it as a stream on your website please.
Thank you and wish everyone nothing but the best.
Side Note: People Stop sending me Spam, it is uncalled for.
Gotta love that last line. Whoever is sending this might be a fraud, but at least he has a taste for the ironic.