Symantec Blogs: Security Response

Dylan Morss | January 28th, 2009

What would your Valentine like this year? Perhaps a shopping spree, a watch, cash, or an assortment of E.D. or weight loss pills?
 
We are nearing the end of January and Valentine’s Day spam is in full swing. Spammers have been busy making sure they have the perfect gift for your loved ones this year.
 
The top 20 Valentine’s Day spam subject lines seem more like a laundry list of solutions for a cast of depressed porn stars than an array of truly romantic gifts. What says "Happy Valentine’s Day" quite as well as "Hi Sweetie, here are some weight loss pills for you this year, maybe you can drop a few pounds!"?
 

The top 20 Valentine’s Day-related subject lines for January

 

Increase your length, the best valentine's gift
Show off your length for valentine's
Get it before Valentine's day and watch her smile
You have been...

Mayur Kulkarni | January 28th, 2009

During the past few days we have observed a rise in Russian spam that is offering various local trade services at cheap rates. Instead of relying on the old standby method of redirecting email recipients to malicious websites, as is usually seen with spam related to pharmacy or watch replicas, for example, the spammers are putting telephone and ICQ numbers in their ads.

The interesting concept of this spam lies in the simplicity of the localized services offered. For example, the majority of these spam emails consist of ads for everything from audio books to real estate, from personalized accounting services to the installation of auto glass. For these types of services, it may be that maintaining a dedicated website can be costly and unnecessary. Also, this may be an effort to move away from embedding URLs in emails because anti-spam filters commonly block such messages.

The primary action required for the recipients of these spam messages is to call a telephone...

Dermot Harnett | January 27th, 2009

As the Chinese New Year (Spring Festival) continues to be celebrated around the world, a recent increase in the abuse of the .cn (China) country code top-level domain (ccTLD) has been observed in spam messages. A top-level domain (TLD) is the part of a domain name that follows the final “dot”. A ccTLD is a top-level domain generally reserved or used by a country or dependent territory. As noted in the January 2009 Symantec State of Spam Report, approximately 90 percent of all spam messages today contain some kind of URL. In January 2009, an average of 32.5 percent of the URLs observed had a .cn ccTLD, compared to the average of 57 percent of URLs that had a .com TLD.

Spammers often rotate domains and TLDs in their spam messages...

Kelly Conley | January 27th, 2009

Macau is the only place in China where there is legalized gambling.* In order to gamble legally in China a person would need to spend money on travel and accommodations to get there. Is there a way to avoid the hassle and expenditure of traveling to Macau for those persons that are interested in gambling? Well, it seems that spammers are offering a solution to the Chinese population: gambling online, from the comfort of your home.

Symantec has recently observed what we believe to be the first instance of online casino and sports betting spam using the Chinese language. The layout of the message is very similar to what we frequently see in English-language casino spam. The message asks users to download a number of software packages and register an account. By registering an account, a user automatically becomes eligible for a random amount of free cash or bonus points. This is all a very common occurrence in English-language spam related to gambling. But,...

Kevin Haley | January 19th, 2009

Have you booked any airline travel recently? One way or the other, you may be surprised to find some email in your inbox telling you that you have. And, that your credit card has been charged for it! Don’t let curiosity or concern get the better of you—do not open the attachment that is likely accompanying the message. If you do, you would probably end up installing malicious code on your machine.

There are spam messages circulating that are purportedly coming from several major airlines. United Airlines is the latest airline that has been mentioned, but Security Response has seen spam email falsely claiming to be from Northwest Airlines, JetBlue, Midwest Airlines, and Sun Country Airlines. Undoubtedly other airlines will be exploited as well. The email will usually name a specific dollar amount that your credit card has supposedly been charged for air travel. It even offers you a login and password for the airline’s website, but what the...

Zulfikar Ramzan | January 19th, 2009

In previous blog postings, I talked about politically themed online malicious activity, focusing on what we observed during the recent U.S. presidential election cycle. Even though the election itself has long since been over, we are continuing to see similar political themes in today’s attacks.

As anticipation builds around President-elect Barack Obama’s upcoming inauguration ceremony, Symantec’s Threat Intelligence team analyzed a new wave of malicious spam messages with a “Presidential theme” that found their way into one of our vast number of global sensors.

The corresponding emails have subjects and bodies similar to the following:

Subject: You must look at this!
 
Our new president has gone

Yours truly,
Dan Harrison
---

Subject: Breaking news
 
Barack Obama refused to be the president of the United...

Dermot Harnett | January 8th, 2009

Happy New Year! At this time of year, personal and professional resolutions are often made. These resolutions are often broken within a few days, but it is clear that one resolution will not be broken in 2009. Spam levels are slowly creeping back up to their pre-McColo shutdown levels and spammers have come back fighting. You may remember that on November 11, 2008, McColo-hosted systems were shut down based on abuse complaints. As a result, spam volumes dropped dramatically across the world. However, recent statistics indicate that spam volumes have slowly crept back up to 80 percent of their pre-McColo shutdown levels.
 
In recent days, Symantec has also observed that spammers are continuing to piggyback on legitimate newsletters and using the reputation of major social networking sites to try and deliver spam messages into recipients’ inboxes. The social networking spam messages were carefully crafted to closely mimic the legitimate notification emails often...

Amanda Grady | January 7th, 2009

Symantec has observed at least two major social networking sites being spoofed in spam attacks this week. The spam is likely hitching a ride on the back of a recent phishing scam, as discussed on our Norton Protection Blog. The spam emails appear to be official notifications from the social networking sites, with identical subject line formats. The headers of the messages, such as the message ID, the received lines, and even the custom X-headers, have been carefully crafted to mimic a legitimate email as closely as possible.

The lure of the emails is the promise of a free mobile phone. There are two different attack vectors being used. In the first variation the user is invited to click directly on a link in the email. In some cases, a free blogging site is used as an intermediary to...