Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Response
Showing posts tagged with Spam
Showing posts in English
Anand Muralidharan | 02 Jul 2013 22:22:34 GMT

Independence Day in the United States is a federal holiday, commonly known as the 4th of July. It is traditionally celebrated with various political speeches, ceremonies, fireworks, and parades. Spammers are exploiting the holiday by sending numerous spam messages related to Independence Day events. Many of the spam samples observed are encouraging users to take advantage of clearance sales on cars, as well as other product offers.
 

Spammers Independence 1.jpeg

Figure 1. Financial spam targeting U.S Independence Day
 

This spam email tries to lure users by stating that the 4th of July event is already seeing a record demand in 2013 vehicles. By clicking the link provided in the email, the user is redirected to the Web page and asked to select the type of car model for a...

Satnam Narang | 01 Jul 2013 17:18:14 GMT

Over the last few years, we’ve reported on a number of spam campaigns spreading through various social networking sites and applications. As with any social service, as it becomes popular, spammers look for ways to take advantage of this popularity by targeting the users of these services.

I’ve previously blogged about the popularity of online dating sites and highlighted an example of a malicious campaign using...

Ashish Diwakar | 27 Jun 2013 15:55:35 GMT

Contributor: Avdhoot Patil

As usual, phishers continue to focus on social networking as a platform for their phishing activities. Fake social networking applications on phishing sites are not uncommon. Phishers continue to come up with new fake applications for the purpose of harvesting sensitive information.

In the past six months, phishing on social media sites consisted of 6.9 percent of all phishing activity. Among the phishing sites targeting social media, 0.9 percent consisted of fake applications offering features such as adult videos, video chatting, adult chatting, free mobile recharge etc.

In May 2013, phishers implemented a fake security application on a phishing site that claimed to secure Facebook Fan Pages and thereby increase the “social security” of the user profile. A Facebook Fan Page is important, as it is a public profile on Facebook that can be used by celebrities, companies, and also by  regular Facebook users who...

Mathew Maniyara | 25 Jun 2013 15:57:38 GMT

Contributor: Avdhoot Patil

Digital currency, a form of electronic money, is a relatively new concept to the world. Many of these currencies have arisen during the past decade and digital currency in general has always been a subject of controversy. In recent years, the world witnessed the suspension of some digital currencies due to legal issues such as money laundering. However, phishers are not concerned about the controversies; instead they are busy seeking opportunities to steal digital currency or money in any form whatsoever. In May 2013, we found a phishing site that spoofed a popular digital currency company.

The phishing site alerted users of an account security update. According to the notice, the company wanted to ensure the integrity of their transaction system by reviewing user accounts. Users were notified that their accounts might be restricted due to multiple failed login attempts. The alert message instructed users to enter their confidential...

Satnam Narang | 24 Jun 2013 21:57:26 GMT

In late January of this year, Twitter released Vine, a social video-sharing service that it acquired in late 2012. Initially launched on iOS, Vine has similar characteristics to Twitter as videos are intentionally short (users are only allowed six seconds) and to the point. Earlier this month, an Android version of Vine was released and it was reported that the service had amassed over 13 million users on iOS alone.

With its increasing popularity, it comes as no surprise that spammers are targeting Vine and its users. Last year, we reported on the rise of Instaspam as a result of the mobile photo sharing application’s soaring popularity.
 

...

Anand Muralidharan | 13 Jun 2013 18:43:50 GMT

The International Cricket Council (ICC) Champions Trophy 2013 is currently being held in England and Wales. The group matches are already in progress and the grand finale will be held on June 23. In the past, Symantec observed various spam emails targeting the ICC World T20 and the Cricket World Cup. As expected, we have seen ICC Champions Trophy 2013 scam emails flowing into the Symantec Probe Network.

Nigerian scammers have reached out through text based emails, .doc files, and PDF files. Here, the scam message is attached as a .doc file called ICC UPDATE.doc. The email says that the reader has won a brand new Camry Solara worth 85,000 Euro. This is typical of 419 scams. The scam email explains that the winning email address was obtained in a raffle and was sent to the final drawing conducted at...

Ashish Diwakar | 11 Jun 2013 04:44:49 GMT

Contributor: Avdhoot Patil

It seems that targeting football clubs, football celebrities, and football events has become a habit for phishers. They continue their uncivilized activities and in particular single out football. Now, phishers have set their eyes on the Real Madrid Football Club based in Madrid, Spain. Real Madrid is one of the world’s richest football clubs and has a large fan base.

Real Madrid fake login.png

Figure. Fake Facebook phishing page featuring Real Madrid and Cristiano Ronaldo.

 As we can see in the figure, the phishing page asks users to enter Facebook login...

Anand Muralidharan | 10 Jun 2013 20:59:45 GMT

Contributor: Vivek Krishnamurthi

The International Dance Competition “Dance Grand Prix Europe” is set to begin June 12 and will be hosted in Spain. The purpose of the competition is to showcase all the top dancers from various dance schools and this major event attracts choreographic talent from around the world. Spammers also don’t want to miss this event and the opportunity to circulate a scam.
 

image1_0.jpeg

Figure 1. Dance Grand Prix Europe 2013 spam
 

To grab the reader’s attention, the spam email reveals some appealing facts about the event along with "only a little fee" required but no additional charges for participation in the event. Clicking the URL will automatically redirect the user to a website...

Anand Muralidharan | 10 Jun 2013 13:27:32 GMT

A lot of people are counting down the days until they can express their appreciation and love towards their dads by giving them gifts for Father’s Day, which is celebrated on June 16. Last month we published a blog called Spammers Continue to Exploit Mother’s Day, now it’s the turn of Father’s Day, as spam messages have started flowing into the Symantec Probe Network. Most of the spam emails attempt to encourage users to take advantage of product offers, fake surveys, and replica watches. Clicking the URL contained in the spam message automatically redirects the user to a website containing a bogus offer.

Figure1_1.png

Figure 1. Gift offer spam

Figure2_0.png...

alisa_tsai | 10 Jun 2013 05:13:30 GMT

The Dragon Boat Festival, also known as the Duanwu Festival, is an important traditional holiday that has been celebrated by Chinese people as well as other people in East Asian societies for nearly 2,000 years. It is a day for people to drive away epidemics and evil spirits in summer by holding a series of symbolic activities because in ancient times, summer was considered to be a season of bugs, snakes, and fleas that could cause serious diseases.

There are several traditions followed on this day, such as holding a dragon boat race, eating sticky rice dumplings wrapped in bamboo (Zong zi), drinking realgar wine (Xionghuangjiu), and wearing perfumed medicine bags. Many of these activities involve some sort of commercial component—and spammers will never miss a good opportunity to make a profit.

This year, the Dragon Boat Festival is going to be celebrated on June 12, 2013. In the lead-up...