The Spam Omelette #51

Welcome to a new issue of our Spam Omelette, BitDefender


Spam Omelette 51


1. New
SITE, same products

Ranking first in BitDefender’s spam top, the word SITE has
been detected especially in spam messages advertising sexual enhancement pills.
Unlike previous campaigns, this week’s messages lead the victim to a
China-based web shop called Pharmacy Express. Judging by the product offering
and method of domain name generation, this is probably yet another instance of
Canadian Pharmacy.


New Site spam


2.  We
are the BEST, pick us!

The second place is taken by the word BEST, identified by
the BitDefender spam researchers in a medium-size spam wave advertising web
design and “photo cut-out” services. The Chinese spammers have been
increasingly active during the past weeks, escalating from a couple of messages
per day to fully-fledged pandemics.


We are the BEST, pick us!


3. Would you like to UNSUBSCRIBE?

Newsletters are a common
method of disseminating spam on the behalf of a trusted third party company.
Medicine webshop Canadian Pharmacy is notorious for ripping off legit
newsletters and modifying them to include an image of their products. They even
keep the unsubscribe links but modify them to take the user to the advertised
product, thus rendering them useless.

unsubscribe spam

4. CLICK me now!

Ranking fourth in this week’s
issue of the Spam Omelette, the word CLICK has been detected in a spam wave
allegedly containing a follow-up to a support ticket. However, as the user
opens the message, they are presented with the latest offering from Canadian
Pharmacy. Not only that the content of the message is not what it claims to be,
but the mail headers have also been forged to conceal the true identity of the


Click Spam


5. EMAIL scams lurking in the inbox

The word EMAIL concludes this week’s top of the most common
words in spam and has been identified in a spam wave announcing the users that
they have won a consistent sum of money from the Australian Online Lottery. In
order to get the money, the victim has to send their personal information to a
free, anonymous address and transfer a “processing fee” to a designated



email scams


About the author


Bogdan Botezatu is living his second childhood at Bitdefender as senior e-threat analyst. When he is not documenting sophisticated strains of malware or writing removal tools, he teaches extreme sports such as surfing the web without protection or rodeo with wild Trojan horses. He believes that most things in life can be beat with strong heuristics and that antimalware research is like working for a secret agency: you need to stay focused at all times, but you get all the glory when you catch the bad guys.