return to ICG Spaces home    ICG Risk Blog    discussions    newsletters    login    

ICG Risk Blog - [ To the Panda Software article plant effort: this is not the article that you were hoping for ]

To the Panda Software article plant effort: this is not the article that you were hoping for


Panda Software's SEARCH FOR EXCELLENCE apparently has not reached its its plant program attempting to seed articles favorable to its Infected or Not campaign to Highlight the Prevalence of Malware. Today I received an email to our blog info address from an that is worthly of being reproduced in full as it is a very straight forward request to plant an article favorable to Panda, and even offering sample texts from which to adapt.

The fact that Panda Software is based in Bilbao and Madrid, Spain, with substantial Latin and other subsidiaries, will gain pertinence as the reader proceeds.

 I am not the only recipient as Daniel Davenport's think d2c received a comment note from the same gmail Erika to his Mobile TV advances on 18 April:

Erika said...

Hi! Sorry for trying to contact you through the comments section of your blog but I have an offer that might interest you. Please, contact me in

Here is the email item that I received from this same Erika at 4/20/2007 8:59:32 AM (and all of Erika's emails have been retained for our records):

From: Erika Email: Subject: 70% of the computers are infected! And you can be part of the solution Message: Hi,

My name is Erika Brown and I am currently working on an awareness campaign called Infected Or Not.

Let me tell you a little bit about it. The whole story of this campaign began with a report from a Panda Software project. On that report, PandaLabs stated that in 2006 more malware was received than in the previous 15 years combined.

The spread of malware infections was huge and it is now getting worse and worse. And that’s why Panda Software decided to launch their Infected Or Not campaign.

The campaign is based on the web site. On that site, people can quickly check if their computers are infected by any form of malware and, at the same time, they are providing useful information that is collected and used to present prevalence statistics.

So the real value of the campaign is not in the test drive of the upcoming Panda detection tools, but in the stats collected by these tests (stats that are also displayed daily on the web site). So far, the numbers have beenereally impressive: almost 70% of the scanned computers are infected. That is precisely why we need awareness.

Now, This is what I want to ask you: I would like you to publish an article in your web site about this campaign. I can even send you one of several different articles written by other people working on this campaign. Any mention about "Infected Or Not" from any web site is, subsequently, commented and seen by hundreds of thousands of people in our own web site. I guess the free publicity couldn’t hurt you.

I know it doesn’t sound like a great deal for you but, if you think about it, we would provide you with relevant (and rich in keywords) content, and you would be taking part on this awareness effort.

If you want to collaborate with me, just write back and let me know. I will send you the article ASAP.

Thanks for your time and I look forward to hearing from you soon.

Best regards

Switching into honeypot mode, I invited items for review at 20 April, 2007 11:55 with the comment "Have looked at IoN site. Please send items for review."

Almost by return, I received Erika's response at 20 April, 2007 12:00:

Thank you very much for your collaboration to this awareness campaign, I really appreciate it.

Here I send you an article about You won't be disappointed.

Please feel free to tell me if there is any way I can help you adapt the content to your web site or if you have any other question or suggestion.

One last favor, could you please send me the article's URL?



Attached was a short derivative document, infected1, whose properties page states its authorship at "Pablo Diaz" from "SX Networks." There is an SX Networks in Montevideo, Uruguay, and a Pablo Díaz Rigby in Montevideo whose CV states that he is a "Media Executive" devoted to "Online advertising campaigns management" and that he is a "Spanish Native speaker" that is "Fluent in written and Spoken English."

I think it sad that a nominally respected firm in a very necessary field would stoop to this, even using the sham plausibility of denial by a separate address. Other readers may share my opinion of "Shields Up!" and suspicion of all further Panda missives until it repudiates the plant effort and zero times its initiative.

UPDATE: 23 April

Coincident to the original posting, I reported "Erika" to Gmail. Their reply arrived 23 April. "Erika" had spoofed a gmail address:

From: []
Sent: Monday, 23 April, 2007 19:30
To: Gordon Housworth
Subject: Re: [#139428718] Account Status


Thank you for your report. We apologize for any inconvenience this may have caused.

The message you refer to did not originate from Google. Instead, it appears to have been sent by someone who has faked the address so that it falsely appears to be from Gmail. This practice is commonly called 'spoofing.'

We are very concerned about this conduct. We have forwarded the information you provided to the appropriate team for investigation.

Please note that Google will never send unsolicited mass messages asking for your password or personal information, or messages containing executable attachments.

You can also help stop these individuals by sending a copy of such unlawful messages to the Federal Trade Commission at

We appreciate your understanding.


The Google Team

Mobile TV advances
Daniel Davenport
think d2c
Wednesday, April 18, 2007

Panda Launches ‘Infected or Not?’ Campaign to Highlight the Prevalence of Malware

Gordon Housworth

Cybersecurity Public  InfoT Public  Risk Containment and Pricing Public  


  discuss this article

<<  |  July 2020  |  >>
view our rss feed