SPAM REVIEW

The Spam Omelette #37

Welcome to the Spam Omelette, BitDefender

Normal
0

false
false
false

EN-US
X-NONE
X-NONE

MicrosoftInternetExplorer4

/* Style Definitions */
table.MsoNormalTable
{mso-style-name:”Table Normal”;
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-qformat:yes;
mso-style-parent:””;
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin:0in;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:10.0pt;
font-family:”Calibri”,”sans-serif”;}

Week
in review: August 05 – 12

Spam Omelette 37

1. Western
Union fraudsters say PLEASE

Ranking first in this
week’s spam top, the word PLEASE has been identified in a spam wave abusing the
Western Union trademark. Disguised as a transaction warning related to a huge
amount of money (1,000,000 pounds), the message advises unwary users to either
call a number located in UK or to drop a mail to an address set up on Yahoo
Mail. Either way, scammers would ask the user to deposit a certain amount of
money as insurance for the payment. Once the money is transferred, you’ll never
hear from these guys ever again.

please spam

2. E-MAIL
and EMAIL going hand in hand

The words e-mail and
email have been identified by the BitDefender spam researchers mostly in
messages coming from world’s number one spammer, the Canadian Pharmacy online
business. Most of the mails use HTML templates ripped from legit newsletters
and modified to fit a central image with the current offering. The wide range
of message subjects used in such messages is meant to increase users’curiosity
and make them open the message and accept to see the (possibly) blocked image.

email spam

3. Click
here if you dare

Ranking
third in this week’s issue of the Spam Omelette, the word CLICK has been
identified mostly in messages advertising sexual enhancements from Canadian
Pharmacy.  This batch of unsolicited mail
is using a standard MSN newsletter template with unsubscribe and privacy policy
links, as well as the possibility to view the newsletter as a web page, should
your email client block pictures in it.

 

click spam 2

 

4. UNSUBSCRIBE
links that actually work  

When it comes to spam, there is usually no way
to unsubscribe from the mailing list. Instead, when clicking on the unsubscribe
link, users are redirected to the advertised website. Well, this is not the
case with Poker Savvy, the online casino we have talked about in our previous
issues of the Spam Omelette. Given the fact that they use the services of email
marketing company Bronto.com, they have been finally forced to include a valid
unsubscribe link in the message footer. Much to your surprise, you’ll probably
be added later to the spam database, but at least the unsubscribe feature works
for the moment.

 

unsubscribe from spam

 

5.  Acai
Berry pills spam ramping up

Spotted on the spam map since last week, Acai
Berry spam seems to keep invading users’inboxes at an accelerated pace.
Advertised as a natural weight loss solution, these pills are available for
ordering exclusively via web. In order to gain users’confidence, spammers are
abusing celebrity names such as Oprah Winfrey.

Acai Berry pills spam

About the author

Bogdan BOTEZATU

Bogdan Botezatu is living his second childhood at Bitdefender as senior e-threat analyst. When he is not documenting sophisticated strains of malware or writing removal tools, he teaches extreme sports such as surfing the web without protection or rodeo with wild Trojan horses. He believes that most things in life can be beat with strong heuristics and that antimalware research is like working for a secret agency: you need to stay focused at all times, but you get all the glory when you catch the bad guys.