July 4th comes with spam, malware and… fireworks, of course!

Bad old e-crime habits die hard!

A couple of years ago I wrote a short white paper explaining the different behavioral vectors that attackers regularly exploit to breach systems' security. As I explained, malware and other e-threats usually go under the disguise of familiar pictures, videos or any other multimedia format appropriate to the event or story being exploited.


Clearly, today’s celebration of Independence Day in the US was never going to go  unexploited by the relentless dark masterminds. But unlike past years, the current spam waves have intensified even more, on the one hand, while also becoming more and more innovative in terms of 'catchiness', on the other hand. Whether this is the result of the foreseen harsh financial situation in the US or not, the indisputable fact is – at least for these spam and malware distribution campaigns – that July 4th can now be linked to almost anything: from political messages and fireworks (the latter on special sale) to mentoring and animal protection, as you can see below.

Figure 1 – This guy (or someone on his behalf) thought that it would be a good idea to promote himself on this occasion.


Figure 2 – Need insurance? Don't miss the July 4th special offer.

Figure 3 – An extremely attractive "educational" offer – Godfather's fireworks & crackers (I wonder what the Child Protective Services would say about the little fellow showing up in this ad).

Figure 4 – Before the American Dream was the "HABIT of 'Consciously Creating Your Day'", which led to the Independence. At least this is what the natty fellow from the alleged video tries to sell us (by the way, that's not a real movie, only a screenshot, probably leading to some malware).

Figure 5 – My favorite: Fireworks are no fun for animals. This is so true! But so is spam for our inboxes.

Few (common sense derived) words of advice to keep you safe during this anniversary:


• don't download or open e-mail attachments purporting to bring you photos or videos related to  Independence Day, even if they come from senders you know. If someone from your family did send you a photo, give him or her a call and check before rushing into it.

• don't follow any link that promise to offer you the-most-beautiful-and spectacular-fireworks-ever-seen-on-earth. Chances are that you end up on a Web page spreading malware or to make traffic on a Web site pertaining to an e-criminal that cashes on every stranger visiting that page (pay-per-click/pay-per-view stuff).

• the same above goes for the social networks: fake apps, graffiti spam, you name it, it will be hell unleashed these days.

• mobile users should also keep a close eye on their inboxes, as MMS and other type of messages would try to lure them into clicking links or calling numbers to overcharge their bills.

• last but not least, install some security on your systems. By the way, BitDefender Facebook fans get 6 extra months of protection for free with the best defensive solution currently on the market, BitDefender Internet Security 2011. Check it out quick, while it last!

One more thing: please do allow me to express my gratitude towards my colleague from the Antispam Lab, Adrian Miron, who generously contributed to the conception of this post with a gianormous chunk of genuine 4th of July-related spam samples.

Happy Independence Day and safe surfing everybody!

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.

About the author


With a humanities passion and background (BA and MA in Comparative Literature at the Faculty of Letters, University of Bucharest) - complemented by an avid interest for the IT world and its stunning evolution, I joined in the autumn of 2003 the chief editors' team from Niculescu Publishing House, as IT&C Chief Editor, where (among many other things) I coordinated the Romanian version of the well-known SAMS Teach Yourself in 24 Hours series. In 2005 I accepted two new challenges and became Junior Lecturer at the Faculty of Letters (to quote U2 - "A Sort of Homecoming") and Lead Technical Writer at BluePhoenix Solutions.

After leaving from BluePhoenix in 2008, I rediscovered "all that technical jazz" with the E-Threat Analysis and Communication Team at BitDefender, the creator of one of the industry's fastest and most effective lines of internationally certified security software. Here I produce a wide range of IT&C security-related content, from malware, spam and phishing alerts to technical whitepapers and press releases. Every now and then, I enjoy scrutinizing the convolutions of e-criminals' "not-so-beautiful mind" and, in counterpart, the new defensive trends throughout posts on

Balancing the keen and until late in night (please read "early morning") reading (fiction and comparative literature studies mostly) with Internet "addiction", the genuine zeal for my bright and fervid students with the craze for the latest discoveries in science and technology, I also enjoy taking not very usual pictures (I'm not a pro, but if you want to see the world through my lenses, here are some samples, messing around with DTP programs to put out some nifty book layouts and wacky t-shirts, roaming the world (I can hardly wait to come back in the Big Apple), and last but not least, driving my small Korean car throughout the intricacies of our metropolis's traffic.