The Spam Omelette #39 – Pfizer discounts and news that never happened

Welcome to this week

Spam Omelette 39

1. Canadian
Pharmacy says PLEASE

This week’s most abused word in spam is PLEASE, identified
by BitDefender’s spam analysts in messages coming from Canadian Pharmacy. The
online medicine shop is now delivering messages in mail templates with extra
footer information, such as “subscription” management, unsubscribe options and
even a so-called contact link to get in touch with the senders. However, the
data has been forged, so you’d better not click any embedded links.


Canadian Pharmacy says PLEASE

here for… aspirin

The word CLICK has been identified in unsolicited messages
also coming from Canadian Pharmacy. Known as the number one spammer in the
word, the business is using any means of deceiving its victims into opening
these promotional messages, including breaking news announcements such as “Burn
war in LA”, or silly questions such as “Who have aspirin”.

CLICK here for... aspirin

from Viagra

Ranking third in our weekly top, the word UNSUBSCRIBE has
been identified in messages heavily advertising Viagra knock-off pills also
delivered by Canadian Pharmacy. This time, spammers turned back to the simple,
blue email template used by the MSN News service, with minor modifications to
include a picture.


4. Your
spam EMAIL is here!

The word EMAIL has been identified in messages advertising a
wide range of pharmaceutical products (especially Cialis, Viagra and Levitra)
using the same old strategy: injecting a suggestive image in the mail template
of a legitimate message.

Your spam EMAIL is here!

5. Dating
MESSAGE from the Nigerian scammer

It is known that Nigerian scam messages are elaborate and
intricate creations meant to dazzle the user and make it easier for the sender
to con them. This specific spam wave takes things one step further by sending a
message pointing to articles about relationships and marriage. The decision of
embedding such links is currently unknown, especially since they are neither related
to the con, nor forged to pose any security risk for the recipient.

Dating MESSAGE from the Nigerian scammer

About the author


Bogdan Botezatu is living his second childhood at Bitdefender as senior e-threat analyst. When he is not documenting sophisticated strains of malware or writing removal tools, he teaches extreme sports such as surfing the web without protection or rodeo with wild Trojan horses. He believes that most things in life can be beat with strong heuristics and that antimalware research is like working for a secret agency: you need to stay focused at all times, but you get all the glory when you catch the bad guys.