The Spam Omelette #60 - on Cheap Replicas and OEM Software

1. MESSAGE in a bottle

The word MESSAGE ranks first in the 60^th issue of the Spam Omelette and is mostly found in unsolicited mail coming from world’s No. 1 spammer, Canadian Pharmacy. Just like in the past, these messages are disguised under the mask of legitimate health newsletters for extra credibility. The message features a centered image with the current offering. However, since most spam filters based on Bayesian block messages containing specific words if they are excessively used, spammers have added a large piece of “junk” text to trick these filters into labeling spam as legitimate.

 

2. CLICK here for more spam!

Ranking second in this week’s spam top, the word CLICK has been also identified in messages coming from Canadian Pharmacy. It is part of the alternative, text-based description of the spam image, which is displayed when the e-mail client blocks it. Interesting enough, if the user clicks on the link, they will be redirected to a clone of the Canadian Pharmacy through a series of compromised (but legitimate) websites hosting a JavaScript redirection HTML page.

 

3. PRIVACY at risk

The word PRIVACY is placed third in this week’s issue of the Spam Omelette and has been detected by BitDefender’s spam researchers in messages advertising sexual enhancements. This specific spam wave uses a MSN newsletter HTML template that has been modified to accommodate an image-based ad and a couple of links to one of the Canadian Pharmacy online stores.

4. FIRST date, second-hand watches

The word FIRST has been detected in a massive wave of product spam, advertising cheap replicas of designer watches. This specific wave relies exclusively on text and hyperlinks. As the user clicks the recommended link, he /she will be redirected to http://ou*****.ru/secure.php?cmd=home, a Russia-based online store advertising a wide range of counterfeit accessories. As a rule of thumb, you are advised to never purchase products advertised through spam using your credit card.

 

5. Cracked MICROSOFT software packed as OEM

Brand name Microsoft concludes this week’s top of spam words. Ranking fifth, it has been mostly detected in unsolicited mail advertising “OEM software” at massively discounted prices. However, this bargain hides a means of illegally selling “cracked”software (commercial applications that have been tampered with in order to circumvent their protection scheme).