The Spam Omelette #14

Welcome to the fourteenth issue of our Spam Omelette, a weekly report on the latest trends in spam. If you missed our previous spam reports, you may want to check it out now to get acquainted with our testing methodology and spam map generation procedures.




/* Style Definitions */
{mso-style-name:”Table Normal”;
mso-padding-alt:0in 5.4pt 0in 5.4pt;

Week in review: February 12 – 18

Spam Omelette Map 14

1. EMAIL scores number one again

The word EMAIL has
undoubtedly been one of the most constant appearances in our spam top. This
week, it has been identified spelled both as EMAIL and E-MAIL in two distinct
spam campaigns. The BitDefender spam analysts identified the former variant in
unsolicited mail messages advertising natural pills for body
fortification.  Unlike previous spam
waves in the medicine business, this specific template doesn’t use either
images or the conventional footer disclaimer. However, the embedded unsubscribe
link is not working at all.


Email Spam

The second spam wave abusing the word E-MAIL
claims to offer one of those miracle jobs that could bring in fortunes
overnight.  However, despite the fact
that the offering sounds extremely appealing, any potential candidates for the
job should know that such jobs usually involve fencing and money laundering

Email spam 2

 This type of job requires applicants to
receive and send money or goods obtained through credit card fraud, so the real
offenders to remain unidentified.

2. Take this huge fortune, PLEASE

Ranking second in
our weekly spam top, the word PLEASE has been identified in a classic Nigerian
scam letter. This type of message tries to gain users’ confidence in order to
make them disclose personal identification information, such as full name, home
address and banking account number.

Please Spam 1

As a rule of thumb,
if an email coming from an unknown sender seems to be too good to be true, then
it probably is and replying it may be the first step to bankryptcy.

3. Mail addresses for sale via PayPal

A hot addition in
our weekly spam top, the word Paypal has been identified in spam messages
advertising email address databases. 
Online marketing is known for its efficiency and low cost, which
transformed mail addresses in fully-fledged commodities for miscellaneous
underground industries.

PayPal spam

According to the message, spammers can grab an
8,000-entry database for as low as $14, which is enough of an explaination why
you’re constantly being flooded by spam.

4. Your medicine shop is one CLICK away

Ranking fourth in
this week’s spam analysis top, the word CLICK has been identified by the BitDefender
researchers in a spam wave promoting sexual enhancing drugs. This mail relies
on both text and ASCII graphic representations in order to deliver the message
to its recipient, an approach meant to prevent content filtering scanners and
signature-based engines from detecting the word VIAGRA.

Click Image Spam

5. NEW opportunities with worthless university degrees

Building on the
precariuous economic state in the United States, spammers have started
advertising on-the-fly University degrees that would allegedly give receivers
better paid jobs and social recognition. The procedure is simple: users have to
provide their name and authorize a fund transfer to a specified bank account.
In exchange, they would receive a “fully- accredited” diploma –
nothing more than a worthless sheet of paper issued by a private institution
with no academic recognition.



New Spam


What’s new in the spam landscape?


  • German spam is still visible on
    the map. Words such as und, den, mit, wieder, als, weitere and ich have
    been visible on the spam map over the past three weeks.
  • Medicine spam is also on the rise,
    although the Canadian Pharmacy business and its arch-rival PowerGain+
    dramatically diminished their presence over the previous week.

About the author


Bogdan Botezatu is living his second childhood at Bitdefender as senior e-threat analyst. When he is not documenting sophisticated strains of malware or writing removal tools, he teaches extreme sports such as surfing the web without protection or rodeo with wild Trojan horses. He believes that most things in life can be beat with strong heuristics and that antimalware research is like working for a secret agency: you need to stay focused at all times, but you get all the glory when you catch the bad guys.