3 min read

The Spam Omelette #5

Bogdan BOTEZATU

November 26, 2008

The Spam Omelette #5

Spam omelette Map

 

1. The EMAIL message has
it all

This week’s
favorite word in spam messages is “EMAIL”. It has been detected spelled both as
“email” and “E-mail”, but they both point to the same thing, after all. Spelled
as “Email”, the word is frequently encountered in Brazilian spam messages
advertising telephony and Internet services.

E-mail

The other
instance of the word, spelled as “e-mail”, has been detected mostly in messages
impersonating Hallmark e-cards. Basically, the spammer perfectly imitates a
legitimate message allegedly sent by the greeting card company. All the links
included in the message direct users to an infected webpage that automatically
triggers a drive-by download. The downloaded binary file is an executable
application that installs an IRC bot on the host computer. The bot would
immediately add the infected computer to the Srizbi botnet, a network of rogue
computers that is mostly responsible for sending fake, infected e-cards.

Hallmark spam

 

2. CLICK here for extra
product spam

Product spam
witnessed a significant decrease over the last two weeks, but it is on the rise
again, as we are getting closer to the Christmas shopping spree. Deeper
analysis revealed that the word “Click” comes in spam messages advertising Rolex
kock-offs.

Spam example

 

 

3.
Come visit us, PLEASE

Ranking third on
our weekly spam top, the word “please” has been identified mostly in messages
associated with the Canadian Pharmacy business. Although the image accompanying
the message is unchanged from the previous campaigns, this week’s spam wave
mentions the recipient’s address and even provides a forged link to
unsubscribe. This small tweak adds extra legitimacy to a message known as spam.

 Please Spam

 

 

4. NEW Year, new spam

The word “new”
ranks fourth in this week’s spam top. BitDefender analysts identified a single
type of message abusing the word. This spam campaign advertises luxury replicas
ranging from designer bags to watches and jewelry.

New year Spam

 

5. UNSUBSCRIBE here,
here and here.

Fake “unsubscribe”
links attached to spam messages have become a standard in the spam industry.
This kind of links not only that makes the message look legitimate (it usually
impersonates a newsletter sent by a respectable company), but also helps
spammers to validate the actually used mail addresses in their databases.
Unsubscribing from a spam list would also tip the spammer that the end-user has
limited security knowledge and might be a potential target for subsequent spam
/ malware attacks.

Unsubscribe spam

Deeper analysis
revealed that some e-mails in this type of campaign would often include
multiple unsubscribe links. Please note that clicking on any of these links
would actually enroll you in other spam campaigns, and you might even receive malicious
attachments.

What’s new in the spam landscape?

 

Given the fact
that winter holidays are only one month ahead, product spam is on the rise.
BitDefender expects new spam waves advertising the perfect Christmas gift,
along with other security threats. The Srizbi botnet has already started
sending forged Christmas e-cards (please note that our spam map already
registered the word “card”), which point unwary users to malicious binary files.

tags


Author



Right now

Top posts

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read
Mobile security threats: reality or myth?

Mobile security threats: reality or myth?

June 13, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

How to keep your Android device immune to malicious vaccine themed apps How to keep your Android device immune to malicious vaccine themed apps
Cristina POPOV

April 22, 2021

2 min read
Facebook Takes Down Two Hacking Groups Operating out of Palestine Facebook Takes Down Two Hacking Groups Operating out of Palestine
Silviu STAHIE

April 22, 2021

2 min read
Ransomware attack causes supermarket cheese shortage in the Netherlands Ransomware attack causes supermarket cheese shortage in the Netherlands
Graham CLULEY

April 13, 2021

2 min read