The Spam Omelette #11

 

1.CLICK
strikes back

The word CLICK manages
once again to rank first in our weekly spam top. BitDefender Antispam
researchers identified the word in multiple types of unsolicited emails,
ranging from weight loss pills to product advertisement and prescription-based
sexual enhancements.

The product spam stock
comes up with yet another method to reach its potential customers. Since more
and more users are reluctant to just opening up suspicious messages, spammers
now include parts of their message straight into the Subject field. This way,
the end-user will still be presented at least one tiny bit of the offering,
regardless of whether they open the message or not.

The second significant
spam wave abusing the word is the Canadian Pharmacy commercial offering. Even
if the amount of Canadian Pharmacy spam is still way below what we received in
the last two months of 2008, this type of messages is making an aggressive
comeback.

2. UNSUBSCRIBE
spells trouble for your inbox

Fake unsubscribe links
are not news anymore, given the fact that we spotted the trend a couple months
ago. However, this week’s spam wave including this kind of links comes with
attachments. The HTML-encoded file delivered with the message also contains a
piece of code that triggers an iframe and may download malicious binaries or
abuse your IP in complex AdSense schemes.

The word UNSUBSCRIBE
has also been identified in a spam wave advertising sexual enhancements and
other “natural” pills. Paired with a footnote referencing a trustworthy
company, the Unsubscribe link gives extra legitimacy to the spam message and
encourages spammers, as the victims confirm the validity of their mail address.

 

 

3.Adult
NEWSLETTERS

Ranking third in our
weekly top, the word NEWSLETTER has been identified in spam messages
advertising adult content. Adult-related spam messages are quite widespread,
but what’s particularly important in this spam wave is the fact that the
message is written in German.

A closer look over
this week’s spam map also reveals the fact that German spam is on the rise
(words such as von, die, mit and und are rarely
visible in our top).

 

4.PLEASE
follow the links

Although the winter
shopping spree has ended, product spam keeps pumping in users’ inboxes. The
word PLEASE has been identified mostly in unsolicited mail advertising knockoff
watches, especially cheap Longines replicas with immediate delivery.

 

5. New
Dish NETWORK on the menu

Ranking last in our
weekly top, the word NETWORK has been identified by the BitDefender antispam
researchers in a less-usual spam wave advertising cheap DISH network services.

The offering is only
available for selected customers in the United States, although the advertisement
is sent to users in any location. The message might look legit, but it is sent
from different mail addresses and takes multiple forms in order to trick
signature-based spam filters.

 

What’s new in the spam landscape?

German spam has once
again reached noticeable proportions, especially messages advertising adult
materials. This type of spam is particularly dangerous, because the advertised
services usually require the use of a credit card and unwary users might turn
into credit card fraud victims.

The Canadian Pharmacy
is back in business: although the amount of spam served via their channels is
still low, it might be ramping up in the following weeks.