SPAM REVIEW

The Spam Omelette #23 – French Spam on the Rise

Welcome to this week

Spam Omelette 23

Week in review:  April 22 – 29

 

1. French
spam tops expectations

This week’s spam
landscape witnessed an unexpected surge in French messages. This week’s
undisputed champion in spam mail is the French word VOUS (the polite form for
YOU). BitDefender spam researchers identified the word in unsolicited mail
advertising an alleged raffle. Users who participate are allegedly eligible to
win a complete world tour. Other spam words of French origins are VOTRE (your),
LES (the), and POUR (for), all encountered in the same spam campaign.

French Spam

 

2. EMAIL
ranking second to the spam party

The word EMAIL is
undoubtedly a common presence in our spam top. This week, the word has been
identified in multiple spam campaigns including email harvesting, medicine
advertisements and Nigerian scam messages.

The first spam wave
tries to harvest as many valid email addresses as possible via a simple, yet
interesting social engineering trick: friendship  / love relationship proposals. The message
allegedly comes from Eva, a teenage girl from the Soviet block. All the user
has to do is reply to a specific address and then wait to be contacted back.

E-mail spam

This strategy pays off
extremely well: not only that most of the average, less security-focused
computer user would reply and help the spammer gather valid messages, but also
help them create a male-only spam database for targeted spam (such as sexual
enhancement ads). This way, the spammer is able to send their advertisements to
people likely to be interested in this type of products, thus keeping the
bandwidth costs to a minimum.

The second spam wave
abusing the word EMAIL is an advertisement coming from the CANADIAN PHARMACY
business. The message headers have been forged to look as if the mail had been
sent from the own email address.

 

email spam 2

 

 

3. UNSUBSCRIBE
from Celebrity News

Ranking third in our
weekly top, the word UNSUBSCRIBE has
been detected by the BitDefender spam analysts in messages impersonating
newsletters. Spam disguised as newsletters was mostly specific to the Canadian
Pharmacy business, but this week PowerGain+ seems to have borrowed the approach
from its older sibling. In order to make messages even more appealing, spammers
have blended the newsletter strategy with mail subjects containing celebrity
names, just like the Celebrity gang did some time ago.

 

Unsubscribe spam

4. MESSAGES
from ladies

Message Spam

The word MESSAGE has
been identified in multiple spam messages announcing the user that they may
meet Russian ladies by accessing an online dating site. However, the included
URL would take the unwary recipient to yet another cloned webpage of the
Canadian Pharmacy business. So long with romance!

5. CLICK
here, if you dare!

Ranking last in this
week’s spam top, the word click has been detected in multiple spam campaigns
advertising sexual enhancements. In order to deceive recipients, spammers use
multiple email subjects, ranging from celebrity news to business proposals. All
these messages include a link to a random six-letter domain name apparently
hosted in China.

Click Spam

 

What’s new in the spam landscape?

 

  • French
    spam is on the rise again. Words such as VOTRE (your), LES (the), and POUR
    (for) are not only visible on the spam map, but they are also this week’s top
    words used in spam.
  • Spammers
    have also taken advantage of the news related to the Swine Flu in order to
    promote their messages. For the moment, the Swine Flu spam campaigns only
    contain medicine spam, but messages bundled with attached malware are also
    expected to appear.

About the author

Bogdan BOTEZATU

Bogdan Botezatu is living his second childhood at Bitdefender as senior e-threat analyst. When he is not documenting sophisticated strains of malware or writing removal tools, he teaches extreme sports such as surfing the web without protection or rodeo with wild Trojan horses. He believes that most things in life can be beat with strong heuristics and that antimalware research is like working for a secret agency: you need to stay focused at all times, but you get all the glory when you catch the bad guys.