Sammy Chu's blog

Malware is often embedded in email as compressed attachments (such as .zip, .rar, etc.). Recently, however, Symantec has noticed an increase in malicious email attacks with .htm (HTML) attachments.

Here is what the message looks like in your inbox:

How does Symantec know it's the week of Thanksgiving? Because as the busiest travel day of the year day quickly approaches, the day just before Thanksgiving , there is a surge in fake email ticket confirmations that lead to viruses.

Here is what a fake airline message looks like:

In the past we have seen malicious attacks pretending to be shipment notifications from various parcel delivery services. Now the New York State DMV has become the latest “brandjacking” victim for a series of malware attacks.

Here is what the fake message looks like:

With our globalized economy, non-English email between international organizations has become the norm for business communication. However, at the same time, non-English spam is also becoming more and more of a problem for national and international enterprises.

Spamming with dotted decimal URL (a dotted decimal URL refers to the four-byte IP address notation as a sequence of four decimal numbers separated by dots) is one of the most often seen URL-obfuscation techniques employed by spammers.

Have you received email messages in the last several weeks with several random words in the subject line, and a random sentence in the message body? If your answer is yes, then you are one of the victims of the ongoing directory harvesting attack (DHA) by spammers. 

Fake e-card pickup notices are typically used to deliver malware; however, in the past several weeks Symantec has noticed a series of online pharmacy attacks employing the same strategy. To pick up an e-card, the recipient must click on a link in the message. These links take you to the e-card site and display your card.

Last month we reported that spammers had used Twitter as bait to lure innocent victims into a phishing trap, and now we’re seeing a wave of fake Twitter invitations that come carrying a mass-mailing worm. The observed messages appear as if they have been sent from a Twitter account; however, unlike a legitimate Twitter message, there is no invitation URL present in the body.