Video Screencast Help
Security Response
Showing posts tagged with Spam
Showing posts in English
Joseph Graziano | 06 Feb 2014 04:01:19 GMT

It was only a few months ago that Paul Walker that left us in a fiery car accident. These days it is common for spammers and malware writers to use a celebrity’s death to spread malware. In this case, it started with emails with links to a video of Paul Walker’s car on fire, but instead contained a link to a malicious file.

In the latest slew of emails, the sender makes a plea to the victim to find a Dodge Viper GT that was supposedly racing with Paul Walker’s car. The email asks that anyone with information call a number in the email or open the attached file to view a picture of the Viper GT’s driver. In every sample we have dealt with there is always a promise of reimbursement or compensation for helping capture the Viper GT’s driver.

These attacks are unique because of the regular change of subject lines and body text to bypass spam filters. The attacker tries to personalize the email with the recipient’s name in the body, subject, or attached file name.

...

Christopher Mendes | 03 Feb 2014 18:13:40 GMT

Contributor: Sean Butler

As it’s the start of a Football World Cup year it’s only natural that we will see many campaigns in relation to this global event. There will be many marketing and promotional campaigns taking advantage of the hype and excitement surrounding this event. Amongst all of the legitimate marketing and promotion emails, you may also receive emails promising anything from free match tickets, to competitions and lottery prizes stating that you have won a car.

Sound too good to be true? Well, you would be right in thinking that!

Fraudsters will be looking to exploit the enthusiasm that comes with the FIFA World Cup, which will be taking place in Brazil this June. The ramifications of you being scammed could be very serious indeed. Not only could you become a victim of fraud by having your bank account emptied by these fraudsters, you could also end up with malware on your computer. This malware could do anything from stealing your...

Binny Kuriakose | 30 Jan 2014 09:39:42 GMT
China is gearing up to usher in the Year of the Horse, which begins with the new moon on January 31 this year. With more than a billion people worldwide preparing to celebrate the new year for the lunar calendar, the celebration this year promises more color than ever before.
 
Chinese New Year, also known as the spring festival, is a day for reunion and thanksgiving, where exchanging gifts is at the heart of the celebration. Friends, family, colleagues and even businesses exchange gifts to show love, respect and loyalty. Business owners often send gifts to their customers and shops offer gifts and discounts to show their gratitude. However, spammers are all too aware of this practice.
 
The spammers and fraudsters are known to capitalize on special occasions and exploit the noble gesture of giving gifts in order to send out spam. They are known to pose as friends and business owners and send emails promising gifts and...
Eric Park | 20 Jan 2014 18:44:19 GMT

Spammer success is dependent on two factors:

  1. Evading spam filters so the spam message arrives in the recipient inbox
  2. Crafting messages so that the recipient is enticed to open and perform desired call-to-actions (click on the link, open attachment, etc.)

Spammers walk a fine line to balance these two aspects; relying heavily on one factor and ignoring the other will make the spam campaign fail. For example, spammers can evade spam filters by randomizing the subject and body of the message, however such randomization is likely to be ignored by even the most unsophisticated user as obvious spam. Similarly, crafting stand-out enticing messages to increase the email open rate often results in spam filters blocking the message. Spammers have a tough challenge.

Rising up to meet this challenge, spammers are now hiding the true content from the user more than ever before. While there are still spam campaigns with links to online pharmacies with...

Satnam Narang | 15 Jan 2014 22:13:49 GMT

A few weeks after our blog post about porn and secret admirer spam targeting Snapchat users, a new spam campaign using sexually suggestive photos and compromised custom URLs is circulating on the photo messaging app.
 

image1_21.png

Figure 1. Snapchat spam
 

Each of these spam messages includes a request to “Add my kik”, along with a specially crafted user name on the Kik instant messaging application for mobile devices.
 

image2_12.png

Figure 2...

Eric Park | 15 Jan 2014 09:29:01 GMT
After a long hiatus, spammers are once again using an old trick, where they attach a .zip file to trick the user into executing the compressed malware. The chart below shows the number of spam messages with .zip attachments over the last 90 days in Symantec’s Global Intelligence Network (GIN).
 
figure1_6.png
Figure 1. Spam messages with .zip attachments over the last 90 days
 
On January 7, 99.81 percent of the .zip attachment spam that came into Symantec’s GIN had the file name “BankDocs-”  followed by 10 hexadecimal characters.
 
figure2_7.png
Figure 2. Email with “BankDocs-” .zip attachment
 
On January 8, 99.34 percent of the .zip...
Satnam Narang | 03 Dec 2013 16:49:11 GMT
Over the past week, users of the photo messaging application Snapchat have seen an increase in the number of spam snaps (Snapchat pictures). The service is now being infiltrated by a myriad of fake accounts sending spam snaps of topless women.
 
figure1_4.png
Figure 1. Spam accounts on Snapchat
 
Snapchat users are currently receiving requests from accounts named similarly, using the following format: “[GIRL'S NAME]snap_####”. Each request features a pending snap from these spam accounts. Despite the app offering privacy settings to only allow snaps from friends, users can still receive add requests from unknown users. Some Snapchat users we spoke to have noticed an increase in these requests over the last week.
...
Laura O'Brien | 26 Nov 2013 09:10:44 GMT
Contributor: Vivek Krishnamurthi
cyber_monday_graphic.png
 
December 2, 2013 marks Cyber Monday, the day when Internet retailers expect to experience a major surge in traffic thanks to people shopping online for the holiday season. The concept of Cyber Monday, or Mega Monday as it’s known in Europe, was introduced back in 2005. It takes place after the Thanksgiving holiday weekend, when people return to the office and buy Christmas presents from their work computers, according to retailers. Some dismissed Cyber Monday as marketing hype but over time, the day has grown in significance, thanks to competitive deals on offer from many major retailers. In 2012, the 500 biggest retailers in the US took more than US$206.8 million on Cyber Monday while in Europe,...
Binny Kuriakose | 22 Nov 2013 09:42:44 GMT

Contributor: Vivek Krishnamurthi

The holiday season starts in the United States on Thanksgiving on November 28 preceding Black Friday, which occurs on November 29. This also marks the beginning of the much awaited shopping season when people take to the streets to celebrate the shopping furor with their family and friends. The shopping buzz is fuelled by discount sales and promotional offers by online sites and retailer outlets.

With online commerce growing by the day, spammers may take advantage of the holiday season to target shoppers. The spammers usually send out fake promotional messages and bogus deals and lie in wait for any victims who are tricked by these scams. Symantec has been on the lookout for signs of such messages to warn the public on what to avoid this holiday season.

We found the most popular spamming techniques, which topped our chart early this holiday season 

Products offered at discounts never seen before...

Anand Muralidharan | 28 Oct 2013 06:33:53 GMT

Many people are waiting eagerly for Halloween, a holiday filled with mystery, magic and fantasy, where bonfires were lit and costumes were worn to ward off roaming ghosts. As expected, Halloween Day spam messages have started flowing through Symantec’s Probe Network. In this spam, users are asked to complete a fake survey, and then to click a URL containing the spam message, which redirects them to a website with a bogus Halloween Day offer.

 Top word combinations used in spam messages include:

  • Halloween – Costumes
  • Halloween – treat
  • Halloween – Special
  • Halloween – Survey

figure 1.png

Figure 1. The spam asks users to complete a fake survey for an offer

After a user completes the survey, a...