The Spam Omelette #31

1024×768

Normal
0

false
false
false

EN-US
X-NONE
X-NONE

/* Style Definitions */
table.MsoNormalTable
{mso-style-name:”Table Normal”;
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:””;
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin:0in;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:10.0pt;
font-family:”Calibri”,”sans-serif”;}

1. CLICK
here to see what happens

Dominating this week’s
spam top, the world CLICK has been spotted in unsolicited messages sent by
Canadian Pharmacy. Just as we got used to in the past weeks, the messages come
with catchy email subjects in order to lure the user into opening the message.
Although the sender’s name appears in full in all the messages belonging to
this wave, the message headers have been spoofed to forge the sender’s address.

2. PLEASE
open this! You’ll only get infected

Ranking second in our
weekly top, the word PLEASE has been identified in multiple spam campaigns,
including the ill-fated Canadian Pharmacy. Besides the well-known spam messages
coming from these medicine webshops, the word has also been spotted in messages
apparently coming from Hallmark. However, instead of the promised e-card, the
user gets a malicious binary that opens the doors for subsequent infections
(especially rogue antivirus software).

3. Important
EMAIL from Canadian Pharmacy

Canadian Pharmacy is
back on track with a series of spam messages impersonating legitimate
newsletters. As usually, the spammer took a HTML template from a legit mailing
and added a relevant picture linked to a China-hosted Canadian Pharmacy clone.

4. UNSUBSCRIBE
from spam, but only if you can!

Ranking fourth in this
week’s spam top, the word UNSUBSCRIBE has been spotted in multiple spam campaigns
also originating from Canadian Pharmacy.

 

 

The messages are
mostly imitating legitimate newsletters and feature unsubscribe links. However,
clicking these links would not unsubscribe the recipient from the mailing list,
but rather lead them to a Canadian Pharmacy clone.

5. Spam at
your SERVICES

Ranking last in this
week’s issue of the Spam Omelette, the word SERVICES has been identified by
BitDefender’s spam researchers in messages promoting  prescription-based drugs. To be more
specific, the word is not part of the content, but rather of the message disclaimer,
as the spammer uses a newsletter template.