Video Screencast Help
Scheduled Maintenance: Symantec Connect is scheduled to be down Saturday, April 19 from 10am to 2pm Pacific Standard Time (GMT: 5pm to 9pm) for server migration and upgrades.
Please accept our apologies in advance for any inconvenience this might cause.

Security Response

Showing posts tagged with Mail Security for Exchange/Domino
Showing posts in English
Samir_Patil | 11 Jun 2010 20:20:51 GMT

The world’s most awaited sporting event is kicking off today. As the world is getting ready to join the excitement, spammers continue to raise their spam game.
 
As discussed in the blog last month, we started observing variants of the FIFA spam on top of what we have already seen (like fishing, scams, and malicious attachments). Spammers are dishing out a variety of tactics such as fake gift cards and online pharmacies to lure email users.
 
In the recent spam promotion, spammer offers fake gift cards and invite users to participate in surveys. Below is a of such an offer where spammers are asking for opinions on the chances of Team USA in this edition of the World Cup. Email users are being offered free gift cards for taking such surveys.
 
Especially after their good showing in the...

Eric Park | 10 Jun 2010 17:03:00 GMT

Spam made up 89.81 percent of all messages in May, compared with 89.22 percent in April. As we are approaching mid-year, a section of this month’s report takes a look at top spam and phishing trends in 2010 so far, and how those trends are continuing today. In this month’s report, Symantec’s anti-spam analysts also share what they consider to be the most annoying spam.
 
With social networks continuing to add millions of users to its overall user base, crafty spammers are taking advantage of the popularity of these networks to design new spamming techniques week after week. The State of Spam & Phishing report for this month provides a deep dive on social network spam, highlighting some unique and dangerous techniques deployed by spammers.

Click here to download the June 2010 State of Spam & Phishing...

Mayur Kulkarni | 07 Jun 2010 16:16:58 GMT

Symantec has kept its eye on the ball and reported on malicious 419-spam campaigns associated with major global sporting events, from the Beijing Olympic Games 2008 to the upcoming FIFA World Cup 2010.
 
When international sporting events of such scale are happening, the Internet becomes a perfect avenue for cybercriminals to lay their traps and lure sports enthusiasts into their devious game plans. Typically, nefarious online activities related to major sporting events begin as early as a year before the actual event takes place.
 
After an initial burst of activity, spammers go quiet for a while, only to raise their antennae a couple of months before the actual event. This changes if something unusual or sensational happens in the interim. To cash in on such instances, spammers send out video spam. These email messages can be used for malicious attacks, as the video link actually points to a fake update.

 ...

Samir_Patil | 04 Jun 2010 15:53:44 GMT

Imagine the thrill of receiving an offer to own an expensive next generation gift for free. Alas, this offer is nothing but a spam message. Though Apple Inc. has yet to officially announce the release date of their upcoming Apple iPhone 4G, spammers have already started campaigns related to this gadget.
 
Symantec has observed a wave of spam emails which claim to give away an Apple iPhone 4G. The email headers are fake and pretend to originate from Apple Inc. The message contains several spelling mistakes.  A link is provided in the message which directs users to a spam page which asks for the user’s email address. The spam page is hosted using a URL-shortening service.
 
Symantec has observed other messages which are similar but target another Apple product, the iPad. The only difference is in the line that says “We just got the brand new Apple iPad! Take a look
 
Below is example of...

Samir_Patil | 27 May 2010 17:35:10 GMT

The 2010 FIFA World Cup kicks off on June 11th in South Africa. As 32 countries warm up for this esteemed international soccer event, cyber criminals are getting busier, too.

So far, Symantec has observed scam, phishing, and malicious attachment spam related to the 2010 FIFA World Cup. Of these, 419-scam messages stand out as major contributors. Below are two examples of typical 419-spam related to the FIFA World Cup:

In many of the phishing samples spammers are targeting the Visa brand, which is one of the six global FIFA partners. Visa announced a “Go Fans” promotion offer in which card holders get the chance to win a trip to South Africa to experience the 2010 World Cup matches. Aware of the fan frenzy involved with watching live World Cup...

Eric Park | 12 May 2010 19:02:01 GMT

“Dotted quad” spam makes a splashy return to this report as the volume more than tripled from the month prior. The most observed spam subject line of the month was also the dotted quad spam attack. With respect to message size, attachment spam continued to creep up in volume in March. This, along with an increase in NDR spam, raised the average message size. The 5kb – 10kb bucket increased by over four percentage points and the 10+kb bucket increased by over nine percentage points. With respect to spam categories, scam and phishing messages in April accounted for 17 percent of all spam, remaining unchanged compared to March. Overall, spam made up 89.22 percent of all messages in April, compared with 89.34 percent in March.

Please download the May 2010 State of Spam & Phishing Report, which highlights the following trends:...

Samir_Patil | 10 May 2010 20:12:05 GMT

In April, when a sequence of volcanic eruptions took place at Eyjafjallajökull in Iceland, Symantec reported a wave of online pharmacy spam in which news related to the volcano was used in spam “Subject” lines. The blog, entitled Iceland Volcano Eruption Triggers Blue Pill Cloud, discusses the first of several rounds of spam related to the volcanic ash cloud.

This recent spate of volcano spam attempts to spread a malicious binary that is detected as Infostealer.Bancos by Symantec antivirus. The mail message claims to have the first videos of an air crash that took place in Portugal because of problems with the volcanic ash. The message alleges that the cloud of ash damaged the aircraft engine, causing it to crash into homes and kill more than 150...

Vivian Ho | 10 May 2010 19:10:57 GMT

Mother’s Day was yesterday—hopefully you didn’t forget! I also hope you weren’t too worried about getting a decent gift for your mom. There was no shortage of spammers who wanted to help you out with that. Symantec observed that spam related to Mother’s Day had, of course, increased since mid-April. Touching gift selections as well as flowers and greeting cards were being offered.

The following Mother’s Day spam samples were the most frequent types of messages that were seen. The messages came in hit-and-run spam form, the body content often changing from domains and promotional text to advertising images:

From: "eCards" <eCards@[Details Removed]>
Subject: Make your Mother smile this Sunday

 

From: Mothers Day Flowers <flowers@[Details Removed]>
Subject: $19.99 Mothers Day Flowers + Free...

Samir_Patil | 07 May 2010 13:09:59 GMT

Protecting personal information on the Internet is always a concern for computer users. Phishers are notorious for plotting sophisticated attacks that push them into a user’s inbox. In the Symantec Probe Network we have observed an interesting phishing sample in which spammers are focusing on individualized attacks.
 
With this tactic the phishing message is tweaked slightly to give a personalized look. The email message is an online fund transfer notification and contains the name of the user in the email salutation. The message also alleges that funds have been transferred to a user’s account by an actual person, and the supposed name of that person is provided. The “From” header is forged to appear as if the email originates from a legitimate bank. The URL provided in the message actually directs the user to the phishing website.

...

Mayur Kulkarni | 29 Apr 2010 20:56:35 GMT

Surprising? Not the least bit. Spammers have always shown their liking for big names and brands. And very often these brands are abused to spread malware or gain access to users’ accounts. However, they are also sometimes used only to entice users to open emails. These emails may contain links to pornographic or pharmacy sites.

During recent times we have monitored spam attacks that have used the email templates of famous Internet brands such as Amazon, Apple, and now, Twitter. Using the email templates of well-known newsletters and notifications is a commonly known trick to make recipients believe the authenticity of spam email. Recipients may treat these emails as legitimate and may open them without any suspicion. Though this attack uses an old trick, we feel it is important that users are reminded about this type of spam campaign, which has been observed for over a month or so. We have seen...