The Better Business Bureau has issued a fraud alert regarding the resurgence of a spam attack that targets high-level executives in various industries.

The spam emails purport to be sent by the BBB in an effort to entice users to click on a malicious link. The SANS Institute reported a similar wave of targeted spam attacks using the BBB name in March.

SecureWorks, a managed security services provider, discovered a cache of stolen data from the scam that included bank and credit card account numbers from 1,400 high-level executives. For the scam to work, the victim must click on a link within the spam email, which then downloads a Trojan virus.

A group of Carnegie Mellon University programmers have launched a service called ReCaptcha that can help cut down on spam while letting people digitize books.

The project is a variation of the widely used "Captcha" technique to weed out computer abuse such as e-mailing spam or posting spam on blog comments. Captchas require users to pass little pattern recognition tests, commonly reading distorted or obscured words.

ReCaptcha turns this chore into a productive task by letting users digitize scanned images of words that computers couldn’t figure out.

The era of tax-free email, Internet shopping and broadband connections could end this fall, if recent proposals in the U.S. Congress prove successful.

State and local governments this week resumed a push to lobby Congress for far-reaching changes on two different fronts: gaining the ability to impose sales taxes on Net shopping, and being able to levy new monthly taxes on DSL and other connections. One senator is even predicting taxes on email.

At the moment, states and municipalities are frequently barred by federal law from collecting both access and sales taxes. But they’re hoping that their new lobbying effort, coordinated by groups including the National Governors Association, will pay off by permitting them to collect billions of dollars in new revenue by next year.

Microsoft is recommending IT administrators block users opening Office documents as a way to prevent attacks, tacitly acknowledging that Office cannot be completely secured. Called "File Block," the feature allows administrators – or technically astute end users – to declare the specific Office file types that can or cannot be opened by Word 2003/2007, Excel 2003/2007 and PowerPoint 2003/2007. File type restrictions are spelled out by editing the Windows registry or through Group Policy settings.

We continue our analysis of the White House email controversy by looking at the what might have happened to the alleged 5 million missing messages. In this article, we’re going to look at how many messages may be missing and then deconstruct some of the damning statements made by the loyal opposition. Don’t worry, though. While this week it’ll look like we’re mostly picking on the Democrats, fear not. Next week, we’ll be asking tough questions of the White House about why they chose to migrate email systems in the middle of a build-up to war.

Read this OutlookPower article.

A Symantec antivirus signature update mistakenly quarantined two critical system files in the Simplified Chinese version of Windows XP last week, crippling PCs throughout China.

According to the Chinese Internet Security Response Team, users of Norton Antivirus, Norton Internet Security 2007 and Norton 360 who installed an antivirus signature update released by Symantec on May 17 could not reboot their PCs. The update reportedly mistook two Windows system files–"netapi32.dll" and "lsasrv.dll"–as the Backdoor.Haxdoo Trojan horse. The two files were subsequently quarantined.

Hoping to tackle the growing problem of pump-and-dump stock scams Microsoft has quietly filed lawsuits against at least three alleged perpetrators who it says used its MSN Hotmail networks to promote stocks.

Hotmail has "received large volumes of unsolicited commercial email messages" promoting stocks for such companies as Distributed Power, TGC Ventures, China Biolife Enterprises, and Irwin Resources, according to court documents filed during April and May in King County Superior Court in Seattle.

Microsoft has canceled its Professional Developer Conference that was scheduled for this fall. The PDC ’07 event was slated to run Oct. 2-5 in Los Angeles, but Microsoft has decided to scratch the event.

The company cited the fact that so many new technologies are just beginning to get into developers’ hands as one reason the event is being "re-scheduled," as the PDC is a future-looking event.

Microsoft concluded an investigation into a potential IIS 6.0 flaw that researchers said may lead to a denial of service attack and which researchers said "definitely" allows attackers to access special DOS devices (COM1 in this case).

The verdict: The claims are wrong, the public proof of concept code doesn’t take advantage of an IIS 6.0 vulnerability, and the code in question, although it claims to use IIS 6.0, actually uses ASP.NET.

Microsoft Data Protection Manager 2007, currently in Beta, is the latest backup and restore system from Microsoft. DPM works together with existing Microsoft products. Using a Continuous Data Protection technology, DPM can make continuous backups as the data changes. It can provide integration with Exchange, SQL Server, and Sharepoint to keep these products backed up as well. The following describe some of DPM’s features.