Video Screencast Help
Security Response
Showing posts tagged with Spam
Showing posts in English
Nick Johnston | 29 Aug 2013 08:24:31 GMT

As the international community coordinates its response to the deepening crisis in Syria, scammers have once again demonstrated their skill at using current, high-profile events to their advantage. We have previously covered these methods in regards to Egypt, Libya, and the Rugby World Cup.

We recently identified a scam message that claimed to be from The Red Cross. The message explains how the conflict is creating a humanitarian crisis and urges people to support The Red Cross and The Red Crescent.

SyriaScam.png

Curiously, the email includes a link to the actual British Red Cross...

Christopher Mendes | 19 Aug 2013 19:36:42 GMT

Contributor: Sujay Kulkarni

image1_9.png

The Ashes Test cricket series, one of most popular Test series in cricket, is played between England and Australia. It is played alternately in England and Australia and is the oldest test rivalry between these two sides. Cricket fans are glued to the TV and their online devices to watch this riveting series.

In the current Ashes series England is leading 3-0 and is on the cusp of creating history against Australia—if they beat them hands down in the last test match, which now is a real possibility. However, what is making the rounds is not Scholes, Carrick, or Robin Van Persie, but Captain Cook and his elite squad waiting to steamroll Australia.

This...

Christopher Mendes | 07 Aug 2013 08:17:13 GMT

It may sound strange, but one surefire sign that the economy is on the mend is an increase in stock spam. Yes, stock spam is a bellwether signal of an economic revival and if you want proof, check your email. Scattered in your bulk folder, you may find a myriad of such spam promising you ‘an opportunity of a life time.’ Rearing its ugly head every time there is a hint of an economic recovery, stock spam never misses an opportunity to try and con victims out of their hard-earned cash.

Over the years, stock spam has evolved, honing its method of psychologically hustling a victim into buying a particular stock that will ‘imminently’ be pumped up by some sort of syndicate. Stock spam creates an unwarranted urgency and promises a pot of gold at the end of it all.

Stock spam relies on a strategy called ‘pump and dump,’ where spammers create pseudo hysteria, beckoning victims to invest in penny or sub-penny stocks that would give...

Pavlo Prodanchuk | 25 Jul 2013 08:28:48 GMT

Last month Symantec posted few blogs (here and here) on an increase in spam messages with .pw URLs.

Since then the volume of URLs with .pw domains has considerably decreased. At the beginning of May the peak volume .pw domains accounted for about 50 percent of all spam URLs. Currently, .pw domains account for less than 2 percent for the last seven days.

Figure1_6.png

Figure 1. .pw TLD appearance in spam messages

The decrease in .pw domains is the result of a close collaboration between Symantec and Directi in reporting and taking down the .pw domains associated with spam.

The latest evidence from the Global Intelligence Network shows that even with such a small presence of...

Pavlo Prodanchuk | 23 Jul 2013 12:41:01 GMT

For the last few months, Symantec has been observing pharmacy related spam attacks where spammers are using the legitimate Google Translate service to avoid anti spam filters. 

Most of the samples received were sent from hijacked email addresses from popular free mail services. 
The majority of the messages’ subject lines were promoting either online pharmacies or well-known  tablets such as Viagra, Cialis and others. Furthermore, in an effort to make the spam immune to filters, several observed subject lines contained randomized non-English characters or words inserted at the beginning or end of the subject line. 

Figure1_4.png

Figure 1. Sample subject lines

The body of the spam message contains a Google Translate link as well as promotional text explaining the advantages...

Mathew Maniyara | 16 Jul 2013 21:24:37 GMT

Improving effectiveness of phishing bait is always at the top of any phishers’ agenda. They prefer to use bait that reflects enticing subjects in order to catch the attention of as many users as possible. Recently, we have seen phishers moving one step ahead. In addition to having eye-catching bait, they are compelling users to spread the word. In today’s example, phishers used free cell phone airtime as the phishing bait.

The phishing site requested Indian Facebook users to verify their account by entering their login credentials in order to get the fake offer of free cell phone airtime. But phishers, not content with just duping one user and eager to target even more, start off by saying the offer is only valid after posting this same offer on the profile pages of a number of friends. Phishers devised this strategy because obviously receiving messages from friends is more convincing than from unknown sources. The method phishers are using in effect enlists...

Anand Muralidharan | 05 Jul 2013 18:55:54 GMT

The 127th edition of the Wimbledon Championships, and third Grand Slam event of the year, are coming to an end with the final being played July 7. When it comes to major sporting events we can expect large amount of gambling, and spammers take advantage by sending online betting and casino email spam. We have observed the following spam campaign targeting the Wimbledon Championship with a fake betting offer.
 

image1_3.jpeg

Figure. Wimbledon Championship spam
 

Interestingly, in order to trick users the spammers are actually using Antispam Laws to make their spam look legitimate (which we recently blogged about in...

Anand Muralidharan | 02 Jul 2013 22:22:34 GMT

Independence Day in the United States is a federal holiday, commonly known as the 4th of July. It is traditionally celebrated with various political speeches, ceremonies, fireworks, and parades. Spammers are exploiting the holiday by sending numerous spam messages related to Independence Day events. Many of the spam samples observed are encouraging users to take advantage of clearance sales on cars, as well as other product offers.
 

Spammers Independence 1.jpeg

Figure 1. Financial spam targeting U.S Independence Day
 

This spam email tries to lure users by stating that the 4th of July event is already seeing a record demand in 2013 vehicles. By clicking the link provided in the email, the user is redirected to the Web page and asked to select the type of car model for a...

Satnam Narang | 01 Jul 2013 17:18:14 GMT

Over the last few years, we’ve reported on a number of spam campaigns spreading through various social networking sites and applications. As with any social service, as it becomes popular, spammers look for ways to take advantage of this popularity by targeting the users of these services.

I’ve previously blogged about the popularity of online dating sites and highlighted an example of a malicious campaign using...

Ashish Diwakar | 27 Jun 2013 15:55:35 GMT

Contributor: Avdhoot Patil

As usual, phishers continue to focus on social networking as a platform for their phishing activities. Fake social networking applications on phishing sites are not uncommon. Phishers continue to come up with new fake applications for the purpose of harvesting sensitive information.

In the past six months, phishing on social media sites consisted of 6.9 percent of all phishing activity. Among the phishing sites targeting social media, 0.9 percent consisted of fake applications offering features such as adult videos, video chatting, adult chatting, free mobile recharge etc.

In May 2013, phishers implemented a fake security application on a phishing site that claimed to secure Facebook Fan Pages and thereby increase the “social security” of the user profile. A Facebook Fan Page is important, as it is a public profile on Facebook that can be used by celebrities, companies, and also by  regular Facebook users who...