Mayur Kulkarni's blog

Nothing can be more enticing than to be chosen for some free goodies—be it mementos, a cash prize, or a ticket to watch a game. It gets even more interesting if you are from a cricket crazy continent and suddenly, out of the blue, you receive an email saying that you are “the chosen one”!

Spammers have used scare tactics in the past, notably during the swine flu outbreak in 2009.

In the past few weeks, we have observed an old spam tactic re-emerging. Spammers are again using news feed to populate the subject header of spam messages. This technique has been used in the past in the form of directory harvesting attacks to gather valid email addresses.

When scammers try to gain sympathy from the email readers or to entice them with huge amount of money, they will usually mention a tragedy or, any event that attracted huge public attention. They may also want the users to read additional information, therefore a URL from a well-known news site is also provided.

Communication in the today’s world is dominated by email, instant messaging, and social networking. However, for making any formal statement or announcement, hard-copy letters are still sent using postal services.

Symantec has come across a spam campaign for an Indian stock, perhaps for the first time. As usually seen in typical stock spam message, this particular email claims that the stock price for this company will rise by 500% because of a possible buyout or partnership with an American outsourcing company and it urges recipients to buy the stocks quickly.

Strange stories of celebrities' deaths resulting from plane crashes or car accidents have suddenly erupted in the spam ring. The intention of distributing such false news is to spread viruses using HTML or zipped attachments. This is one more in a series of recent virus attacks seen in the last few weeks.

Spammers never depend on fixed strategies. They cannot afford to attach themselves to a single method of mass mailing. It does happen that an old attack method is revisited—a minor change is applied to the messages, just to match the changing scenarios on the Internet or perhaps expand the spammers’ focus.

Symantec has kept its eye on the ball and reported on malicious 419-spam campaigns associated with major global sporting events, from the Beijing Olympic Games 2008 to the upcoming FIFA World Cup 2010.