Video Screencast Help
Security Response
Showing posts tagged with Email
Showing posts in English
Vivian Ho | 16 Jun 2010 21:44:23 GMT

As 52 countries across the world gear up to celebrate Father’s day on Sunday, June 20, Symantec is monitoring the increase in the Father’s Day spam volume since the end of May. Sadly, spammers don’t forget to send out their holiday spam, although a couple of ongoing global events such as the FIFA World Cup and Shanghai World Expo might also draw their attention. The Father’s Day spam messages are similar to Mother’s Day spam, including hit-and-run spam, product promotion, and ecard services. We have observed that spammers registered lots of domains with various From aliases and Subject lines in order to bypass spam filters in hit-and-run spam. These types of spam messages, with Father’s Day headers, can attract readers’ attention.

Symantec is expecting to see more attacks in the coming days and advises users to ignore these messages. Here...

Vivian Ho | 15 Jun 2010 21:37:42 GMT

Spammers are known to be crowd chasers. And so it goes that social networking forums, sports events, and major news-generating events always seem to catch the spammers’ attention. In line with this trait, spammers are now targeting global expos. With around 70 to 100 million visitors expected to turn up at the Shanghai World Expo 2010 this year, spammers couldn't have asked for a better time to make their presence felt.
Spammers are using the Shanghai expo in their subject lines and email messages to deliver fake promotions, sell products, and offer various services. Symantec has been monitoring several different variations of spam types in the campaign.

Sample 1:
Spammers include an expo event subject line to attract hits. In the body, there is a meds promotion URL right in the center and a bogus MSN subscription note at the bottom.

From: <Details Removed>
Subject: 200,000 flood Shanghai Expo...

Samir_Patil | 14 Jun 2010 21:52:21 GMT

Former child star Gary Coleman, who shot to fame on the TV sitcom Diff'rent Strokes, died on May 28, 2010. The American actor is well known not only for his childhood role as Arnold Jackson in Diff'rent Strokes, but also for his small stature as an adult, which was caused by a congenital kidney disease that halted his growth at an early age.

As always, events such as these seem to be prime targets for spammers and malicious code authors alike. Symantec has been monitoring spam samples that tie in to Gary Coleman’s death; in particular, we’ve been observing several health-related spam messages that use the news headlines of Coleman’s death as their Subject lines.

As shown in below example, the message is, in actuality, a promotion of a Canadian pharmacy spam site. The links embedded in the message direct users to this online pharmacy:


Samir_Patil | 11 Jun 2010 20:20:51 GMT

The world’s most awaited sporting event is kicking off today. As the world is getting ready to join the excitement, spammers continue to raise their spam game.
As discussed in the blog last month, we started observing variants of the FIFA spam on top of what we have already seen (like fishing, scams, and malicious attachments). Spammers are dishing out a variety of tactics such as fake gift cards and online pharmacies to lure email users.
In the recent spam promotion, spammer offers fake gift cards and invite users to participate in surveys. Below is a of such an offer where spammers are asking for opinions on the chances of Team USA in this edition of the World Cup. Email users are being offered free gift cards for taking such surveys.
Especially after their good showing in the...

Eric Park | 10 Jun 2010 17:03:00 GMT

Spam made up 89.81 percent of all messages in May, compared with 89.22 percent in April. As we are approaching mid-year, a section of this month’s report takes a look at top spam and phishing trends in 2010 so far, and how those trends are continuing today. In this month’s report, Symantec’s anti-spam analysts also share what they consider to be the most annoying spam.
With social networks continuing to add millions of users to its overall user base, crafty spammers are taking advantage of the popularity of these networks to design new spamming techniques week after week. The State of Spam & Phishing report for this month provides a deep dive on social network spam, highlighting some unique and dangerous techniques deployed by spammers.

Click here to download the June 2010 State of Spam & Phishing...

Mayur Kulkarni | 07 Jun 2010 16:16:58 GMT

Symantec has kept its eye on the ball and reported on malicious 419-spam campaigns associated with major global sporting events, from the Beijing Olympic Games 2008 to the upcoming FIFA World Cup 2010.
When international sporting events of such scale are happening, the Internet becomes a perfect avenue for cybercriminals to lay their traps and lure sports enthusiasts into their devious game plans. Typically, nefarious online activities related to major sporting events begin as early as a year before the actual event takes place.
After an initial burst of activity, spammers go quiet for a while, only to raise their antennae a couple of months before the actual event. This changes if something unusual or sensational happens in the interim. To cash in on such instances, spammers send out video spam. These email messages can be used for malicious attacks, as the video link actually points to a fake update.


Samir_Patil | 04 Jun 2010 15:53:44 GMT

Imagine the thrill of receiving an offer to own an expensive next generation gift for free. Alas, this offer is nothing but a spam message. Though Apple Inc. has yet to officially announce the release date of their upcoming Apple iPhone 4G, spammers have already started campaigns related to this gadget.
Symantec has observed a wave of spam emails which claim to give away an Apple iPhone 4G. The email headers are fake and pretend to originate from Apple Inc. The message contains several spelling mistakes.  A link is provided in the message which directs users to a spam page which asks for the user’s email address. The spam page is hosted using a URL-shortening service.
Symantec has observed other messages which are similar but target another Apple product, the iPad. The only difference is in the line that says “We just got the brand new Apple iPad! Take a look
Below is example of spam...

Samir_Patil | 27 May 2010 17:35:10 GMT

The 2010 FIFA World Cup kicks off on June 11th in South Africa. As 32 countries warm up for this esteemed international soccer event, cyber criminals are getting busier, too.

So far, Symantec has observed scam, phishing, and malicious attachment spam related to the 2010 FIFA World Cup. Of these, 419-scam messages stand out as major contributors. Below are two examples of typical 419-spam related to the FIFA World Cup:

In many of the phishing samples spammers are targeting the Visa brand, which is one of the six global FIFA partners. Visa announced a “Go Fans” promotion offer in which card holders get the chance to win a trip to South Africa to experience the 2010 World Cup matches. Aware of the fan frenzy involved with watching live World Cup...

Eric Park | 12 May 2010 19:02:01 GMT

“Dotted quad” spam makes a splashy return to this report as the volume more than tripled from the month prior. The most observed spam subject line of the month was also the dotted quad spam attack. With respect to message size, attachment spam continued to creep up in volume in March. This, along with an increase in NDR spam, raised the average message size. The 5kb – 10kb bucket increased by over four percentage points and the 10+kb bucket increased by over nine percentage points. With respect to spam categories, scam and phishing messages in April accounted for 17 percent of all spam, remaining unchanged compared to March. Overall, spam made up 89.22 percent of all messages in April, compared with 89.34 percent in March.

Please download the May 2010 State of Spam & Phishing Report, which highlights the following trends:...

Samir_Patil | 10 May 2010 20:12:05 GMT

In April, when a sequence of volcanic eruptions took place at Eyjafjallajökull in Iceland, Symantec reported a wave of online pharmacy spam in which news related to the volcano was used in spam “Subject” lines. The blog, entitled Iceland Volcano Eruption Triggers Blue Pill Cloud, discusses the first of several rounds of spam related to the volcanic ash cloud.

This recent spate of volcano spam attempts to spread a malicious binary that is detected as Infostealer.Bancos by Symantec antivirus. The mail message claims to have the first videos of an air crash that took place in Portugal because of problems with the volcanic ash. The message alleges that the cloud of ash damaged the aircraft engine, causing it to crash into homes and kill more than 150...