The Spam Omelette #36

Welcome to a new issue of our Spam Omelette, the weekly review focused on the latest trends in the spam industry. Before moving forward with the material, please take a look at our testing and map generation methodology, as explained in our first issue.

in review: July 29 – August 5

Spam Omelette 36

1. EMAIL me again

Ranking first in this week’s spam top, the word EMAIL has
been identified in unsolicited messages coming from Canadian Pharmacy. During
the months, we have seen quite a number of legitimate newsletters transformed
into spam templates. Here’s a fresh one announcing 10 summer health tips, but
only displaying advertisements to sexual enhancements such as counterfeit
Viagra and Cialis pills. A video explaining the phenomenon can be watched
online at

email spam

2. PLEASE stop spamming

The word PLEASE has been identified by BitDefender’s spam analysts
in spam messages also related to Canadian Pharmacy.  This spam wave is also abusing a legitimate
newsletter template with a central image advertising Viagra, Cialis and
Levitra, spammers use e-mail subjects likely to attract gamers’ attention. Warcraft accounts wait, Your WOW subscription has expired or Abnormal activity with your WOW account are
some of the mail subjects used in
this spam wave.

please stop spamming


3. PRIVACY & POLICY working hand in hand

During the first half of 2009, more than 50 percent of the
worldwide spam is related to medicine (especially Viagra, Cialis and Levitra)
with Canadian Pharmacy as top spammer. Given the fact that Canadian Pharmacy is
abusing legitimate newsletters in order to promote their products, words such
as Privacy, Policy and Unsubscribe are often present in our weekly issues of
the Spam Omelette.

privacy and policy spam

4. CLICK me if you dare!

Ranking fourth in our weekly spam top, the word CLICK has
been identified mostly in multiple spam waves also coming from Canadian
Pharmacy. Most of these messages have been forged to look as if they had been
sent by the recipients themselves. In order to increase click rates on the
embedded spam links, some of the messages make use of short URL services such
as This way, the user won’t be able
to tell if the message was legit or not until they visit the link.

click spam

5. ACAI and the weight loss story

Summer has always been the best time to promote shady weight
loss alternatives, given the fact that most of the people would dream of
getting the best physical shape prior to going to the seaside. Acai Berry Pills
have been promoted for quite some time, but it seems that  spammers are ramping up the message count per
day in order to get the most from this summer holiday.

Acai Spam

About the author


Bogdan Botezatu is living his second childhood at Bitdefender as senior e-threat analyst. When he is not documenting sophisticated strains of malware or writing removal tools, he teaches extreme sports such as surfing the web without protection or rodeo with wild Trojan horses. He believes that most things in life can be beat with strong heuristics and that antimalware research is like working for a secret agency: you need to stay focused at all times, but you get all the glory when you catch the bad guys.