Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Response
Showing posts tagged with Message Filter
Showing posts in English
Eric Park | 10 Jun 2010 17:03:00 GMT

Spam made up 89.81 percent of all messages in May, compared with 89.22 percent in April. As we are approaching mid-year, a section of this month’s report takes a look at top spam and phishing trends in 2010 so far, and how those trends are continuing today. In this month’s report, Symantec’s anti-spam analysts also share what they consider to be the most annoying spam.
With social networks continuing to add millions of users to its overall user base, crafty spammers are taking advantage of the popularity of these networks to design new spamming techniques week after week. The State of Spam & Phishing report for this month provides a deep dive on social network spam, highlighting some unique and dangerous techniques deployed by spammers.

Click here to download the June 2010 State of Spam & Phishing...

Mayur Kulkarni | 07 Jun 2010 16:16:58 GMT

Symantec has kept its eye on the ball and reported on malicious 419-spam campaigns associated with major global sporting events, from the Beijing Olympic Games 2008 to the upcoming FIFA World Cup 2010.
When international sporting events of such scale are happening, the Internet becomes a perfect avenue for cybercriminals to lay their traps and lure sports enthusiasts into their devious game plans. Typically, nefarious online activities related to major sporting events begin as early as a year before the actual event takes place.
After an initial burst of activity, spammers go quiet for a while, only to raise their antennae a couple of months before the actual event. This changes if something unusual or sensational happens in the interim. To cash in on such instances, spammers send out video spam. These email messages can be used for malicious attacks, as the video link actually points to a fake update.


Samir_Patil | 04 Jun 2010 15:53:44 GMT

Imagine the thrill of receiving an offer to own an expensive next generation gift for free. Alas, this offer is nothing but a spam message. Though Apple Inc. has yet to officially announce the release date of their upcoming Apple iPhone 4G, spammers have already started campaigns related to this gadget.
Symantec has observed a wave of spam emails which claim to give away an Apple iPhone 4G. The email headers are fake and pretend to originate from Apple Inc. The message contains several spelling mistakes.  A link is provided in the message which directs users to a spam page which asks for the user’s email address. The spam page is hosted using a URL-shortening service.
Symantec has observed other messages which are similar but target another Apple product, the iPad. The only difference is in the line that says “We just got the brand new Apple iPad! Take a look
Below is example of spam...

Samir_Patil | 27 May 2010 17:35:10 GMT

The 2010 FIFA World Cup kicks off on June 11th in South Africa. As 32 countries warm up for this esteemed international soccer event, cyber criminals are getting busier, too.

So far, Symantec has observed scam, phishing, and malicious attachment spam related to the 2010 FIFA World Cup. Of these, 419-scam messages stand out as major contributors. Below are two examples of typical 419-spam related to the FIFA World Cup:

In many of the phishing samples spammers are targeting the Visa brand, which is one of the six global FIFA partners. Visa announced a “Go Fans” promotion offer in which card holders get the chance to win a trip to South Africa to experience the 2010 World Cup matches. Aware of the fan frenzy involved with watching live World Cup...

Eric Park | 12 May 2010 19:02:01 GMT

“Dotted quad” spam makes a splashy return to this report as the volume more than tripled from the month prior. The most observed spam subject line of the month was also the dotted quad spam attack. With respect to message size, attachment spam continued to creep up in volume in March. This, along with an increase in NDR spam, raised the average message size. The 5kb – 10kb bucket increased by over four percentage points and the 10+kb bucket increased by over nine percentage points. With respect to spam categories, scam and phishing messages in April accounted for 17 percent of all spam, remaining unchanged compared to March. Overall, spam made up 89.22 percent of all messages in April, compared with 89.34 percent in March.

Please download the May 2010 State of Spam & Phishing Report, which highlights the following trends:...

Samir_Patil | 10 May 2010 20:12:05 GMT

In April, when a sequence of volcanic eruptions took place at Eyjafjallajökull in Iceland, Symantec reported a wave of online pharmacy spam in which news related to the volcano was used in spam “Subject” lines. The blog, entitled Iceland Volcano Eruption Triggers Blue Pill Cloud, discusses the first of several rounds of spam related to the volcanic ash cloud.

This recent spate of volcano spam attempts to spread a malicious binary that is detected as Infostealer.Bancos by Symantec antivirus. The mail message claims to have the first videos of an air crash that took place in Portugal because of problems with the volcanic ash. The message alleges that the cloud of ash damaged the aircraft engine, causing it to crash into homes and kill more than 150...

Vivian Ho | 10 May 2010 19:10:57 GMT

Mother’s Day was yesterday—hopefully you didn’t forget! I also hope you weren’t too worried about getting a decent gift for your mom. There was no shortage of spammers who wanted to help you out with that. Symantec observed that spam related to Mother’s Day had, of course, increased since mid-April. Touching gift selections as well as flowers and greeting cards were being offered.

The following Mother’s Day spam samples were the most frequent types of messages that were seen. The messages came in hit-and-run spam form, the body content often changing from domains and promotional text to advertising images:

From: "eCards" <eCards@[Details Removed]>
Subject: Make your Mother smile this Sunday

From: Mothers Day Flowers <flowers@[Details Removed]>
Subject: $19.99 Mothers Day Flowers + Free Chocolates

Samir_Patil | 07 May 2010 13:09:59 GMT

Protecting personal information on the Internet is always a concern for computer users. Phishers are notorious for plotting sophisticated attacks that push them into a user’s inbox. In the Symantec Probe Network we have observed an interesting phishing sample in which spammers are focusing on individualized attacks.
With this tactic the phishing message is tweaked slightly to give a personalized look. The email message is an online fund transfer notification and contains the name of the user in the email salutation. The message also alleges that funds have been transferred to a user’s account by an actual person, and the supposed name of that person is provided. The “From” header is forged to appear as if the email originates from a legitimate bank. The URL provided in the message actually directs the user to the phishing website.


Mayur Kulkarni | 29 Apr 2010 20:56:35 GMT

Surprising? Not the least bit. Spammers have always shown their liking for big names and brands. And very often these brands are abused to spread malware or gain access to users’ accounts. However, they are also sometimes used only to entice users to open emails. These emails may contain links to pornographic or pharmacy sites.

During recent times we have monitored spam attacks that have used the email templates of famous Internet brands such as Amazon, Apple, and now, Twitter. Using the email templates of well-known newsletters and notifications is a commonly known trick to make recipients believe the authenticity of spam email. Recipients may treat these emails as legitimate and may open them without any suspicion. Though this attack uses an old trick, we feel it is important that users are reminded about this type of spam campaign, which has been observed for over a month or so. We have seen...

Suyog Sainkar | 27 Apr 2010 21:11:56 GMT

We first reported a similar 419 scam email back in the July 2008 State of Spam report. Let’s first understand what a 419 scam is. 419 spam is named after the section of the Nigerian Criminal Code dealing with fraud, and refers to spam email that typically alerts end users that they are entitled to a sum of money, by way of lottery or a new job or by being nominated as beneficiaries to the fortune of a retired government official or a wealthy person. This is also sometimes referred to as an advance fee fraud.

Symantec recently observed another 419-type spam attack where the spammer obtained a user’s credentials and sent out email to the contacts in the victim’s address book, seeking help in the form of money—obviously with a cooked-up story. Here is a spam message sample:

From: "Xxx Xxxx" <...