The Spam Omelette #48

Welcome to a new issue of our Spam Omelette, the weekly review focused on the latest trends in the spam industry. Before moving forward with the material, please take a look at our testing and map generation methodology, as explained in our first issue.

Week in
Review:  October 21 – 28

Spam Omelette 48

1. Take the blue PILLS and we’ll show you how
we take your money!

Ranking first in this week’s issue of the Spam Omelette, the
word PILLS has been identified in a medium-size spam wave advertising a wide
range of drugs from a new competitor on the drug online market: US Drugstore.
Surprisingly enough, the new provider has surpassed Canadian Pharmacy, one of
world’s greatest spammers of all time.




This week’s spam map also reveals additional keywords
related to pills, such as Viagra, enlargement, medicine and online-pharmacy.

2. Almost free SOFTWARE brings trouble

They say that what is cheap is not worth it, especially when
it comes to software deals. The word SOFTWARE ranks second in this week’s spam
review and has been detected by the BitDefender spam researchers in unsolicited
mails advertising extremely cheap OEM software for Microsoft platforms.
According to the spammers, they can offer licenses for popular software (such
as Nero Burning Suite, for instance) at discounted prices because they do not
deliver boxes and printed manuals. In fact, it is almost for sure that they are
selling “warez” software downloaded via peer-to-peer file sharing services.

Please note that using counterfeit software does not entitle
the buyer to free technical support and is also illegal.


3. MaxGentleman – max spammer

Maxgentleman spam has been present in our spam map for three
weeks in a row and it seems that it’s here to stay.  The messages sent on MaxGentleman’s behalf
are written in plain text and includes a link to one of the multiple website
mirrored worldwide.


4. Visit our SITE, we’re not spammers!

Ranking fourth in the BitDefender spam top for this week,
the word SITE has been detected in a
spam wave advertising the notorious Canadian Pharmacy products. Ironically,
this specific unsolicited mail message picture below comes with an interesting
subject, namely “How we deal with spammers”. It is just another newsletter scam
with a central picture of the current offering.

site spam

5. Seven. Windows Seven.

The official launch of Windows 7, one of the most
anticipated IT events of the year, could not be missed by spammers and malware
creators, who took full advantage of the news to harm both computers and
victims’ bank balance. This specific spam wave using the Windows keyword seems
to have originated in Taiwan and leads the user to a webpage that attempts to
download and install a ZBot infected binary file.


windows 7

About the author


Bogdan Botezatu is living his second childhood at Bitdefender as senior e-threat analyst. When he is not documenting sophisticated strains of malware or writing removal tools, he teaches extreme sports such as surfing the web without protection or rodeo with wild Trojan horses. He believes that most things in life can be beat with strong heuristics and that antimalware research is like working for a secret agency: you need to stay focused at all times, but you get all the glory when you catch the bad guys.