Septemberâ€™s early days came with several new major spam waves. Although the themes and schemes are anything but new, the magnitude and, in some cases, the malicious payloads prove that spammers ended their vacations too.
One large wave, with messages written in as many as five languages and links constantly changing, invites gambling aficionados to take their chances on-line.
Fig. 1. If you feel like gambling, go to a real casino. If you end up broke, at least your computer won’t be filled with malware.
Another significant wave targets the unemployed and those eager for extra moneythrough various paid activities. The sample below advertises an alleged position of Local Coordinator for students in exchange programs in Australia. Of course, the crooks behind expect gullible recipients to send resumes to a so-called Employment Manager.
The â€œEmployment Managerâ€ is Timothy. The message sender is Rita. The domain is owned by an accounting company. Alarmed?
Fig. 2. You shouldn’t answer this kind of employment offer. Contact a real recruitment agency instead.
Probably as part of an initial phishing raid, another considerable spam wave attempts to dupe credit card owners into believing somebody emptied their accounts. The poor layout and composition of this message should sound the alarm in the first place. The zipped attachment doesn’t hold additional details – just a nasty Trojan meant to harm your machine and steal data.
Fig. 3. No bank or credit card company would ever send such important information via e-mail.
Last but not least, my old-time favorite – on-line dating spam – strikes back too -With the promise of a young companion who loves â€œspontaneous freakiness.â€ The message doesn’t includea batch of alluring pictures in the zipped attachment, but another Trojan.
Fig. 4. Try dating someone in the real world, as the consequences on your computer will probably be less dramatic.
To avoid getting yourself and your computer into trouble, you should normally install a defensive suite on your system, ideally with strong antispam and powerful antimalware components. In case you have difficulties in finding one, here’s a tip: Bitdefender Total Security 2012.
Before wishing you â€“ as alwaysâ€“ ‘Safe e-mailing and surfing everybody!’, please allow me to thank my colleague from the Antispam Lab, Adrian Miron, who generously contributed to the conception of this post, with a genuine massive collection of juicy spams.
All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.