Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Response

Michael Jackson Spam Inhibits the Independence Day Spam Spur

Created: 01 Jul 2009 19:29:51 GMT • Updated: 23 Jan 2014 18:34:27 GMT
Samir_Patil's picture
+1 1 Vote
Login to vote

In the United States, Independence Day is a federal holiday celebrated on July 4 that commemorates the adoption of the Declaration of Independence on July 4, 1776, which declared independence from the Kingdom of Great Britain. The day is typically celebrated with fireworks, parades, barbecues, carnivals, and various other public and private events to remember the history and traditions of the United States.

In order to track the prevalence and volume change of Fourth of July spam, we have been supervising the probe network traffic for this type of spam over the past couple of weeks. Surprisingly, it looks as if spammers are less passionate about spawning Independence Day spam this year. The probable reason for this neutrality could be the spam spike related to the death of pop star Michael Jackson.

In the spam samples that are related to Independence Day, we’ve observed messages inviting users to experience the so-called “best 4th of July fireworks display in Miami.” A link is provided that directs users to a Web form where personal information such as names, email addresses, and number of accompanying guests is collected. A map to the venue is also provided to give a genuine look to the fake offer.

When we did bit of searching online we noticed that this event is in fact happening at one of the hotels in Miami. So, we analyzed the message closely and found various fraudulent details. The email originates from a recently registered domain that has no connection with the hotel authority. The IP address visible in the email headers is notorious for sending out spam and is present in IP blacklists. The email is unsolicited, with a questionable opt-out process. Needless to say, spammers are abusing the event to gather personal information for subsequent fraudulent activity or future spam campaigns.

Below is a snapshot sample of this particular spam email:

From: VIP LIST - The <removed> Hotel <info@<removed>.com>
Subject: Experience the Best 4th of July in Miami at The <removed>

imagebrowser image

The subject lines for these spam messages seem legitimate and are often the subject lines used in valid promotional emails. So, users need to take extra care while opening any email with this type of subject line/content. Because Independence Day is still a few days away, we expect that spammers might continue pushing such fake-but-catchy offers into users’ inboxes.