1. The EMAIL message has
favorite word in spam messages is “EMAIL”. It has been detected spelled both as
“email” and “E-mail”, but they both point to the same thing, after all. Spelled
as “Email”, the word is frequently encountered in Brazilian spam messages
advertising telephony and Internet services.
instance of the word, spelled as “e-mail”, has been detected mostly in messages
impersonating Hallmark e-cards. Basically, the spammer perfectly imitates a
legitimate message allegedly sent by the greeting card company. All the links
included in the message direct users to an infected webpage that automatically
triggers a drive-by download. The downloaded binary file is an executable
application that installs an IRC bot on the host computer. The bot would
immediately add the infected computer to the Srizbi botnet, a network of rogue
computers that is mostly responsible for sending fake, infected e-cards.
2. CLICK here for extra
witnessed a significant decrease over the last two weeks, but it is on the rise
again, as we are getting closer to the Christmas shopping spree. Deeper
analysis revealed that the word “Click” comes in spam messages advertising Rolex
Come visit us, PLEASE
Ranking third on
our weekly spam top, the word “please” has been identified mostly in messages
associated with the Canadian Pharmacy business. Although the image accompanying
the message is unchanged from the previous campaigns, this week’s spam wave
mentions the recipient’s address and even provides a forged link to
unsubscribe. This small tweak adds extra legitimacy to a message known as spam.
4. NEW Year, new spam
The word “new”
ranks fourth in this week’s spam top. BitDefender analysts identified a single
type of message abusing the word. This spam campaign advertises luxury replicas
ranging from designer bags to watches and jewelry.
5. UNSUBSCRIBE here,
here and here.
links attached to spam messages have become a standard in the spam industry.
This kind of links not only that makes the message look legitimate (it usually
impersonates a newsletter sent by a respectable company), but also helps
spammers to validate the actually used mail addresses in their databases.
Unsubscribing from a spam list would also tip the spammer that the end-user has
limited security knowledge and might be a potential target for subsequent spam
/ malware attacks.
revealed that some e-mails in this type of campaign would often include
multiple unsubscribe links. Please note that clicking on any of these links
would actually enroll you in other spam campaigns, and you might even receive malicious
What’s new in the spam landscape?
Given the fact
that winter holidays are only one month ahead, product spam is on the rise.
BitDefender expects new spam waves advertising the perfect Christmas gift,
along with other security threats. The Srizbi botnet has already started
sending forged Christmas e-cards (please note that our spam map already
registered the word “card”), which point unwary users to malicious binary files.