Symantec observed a spike of malicious spam activity in the early morning of March 16. These spam samples use subject lines related to the recent natural disaster in Japan and political unrest in the middle east. This blog discusses the end-to-end analysis of the attack.
As shown in the samples below, the spam mail uses subject lines related to the nuclear disaster due to series of explosions at Japanese nuclear plants, earthquake and tsunami effects on the global economy, and unrest in middle east.
Below are some of the subjects used in the attack.
Subject: Japanese Stocks May Defy Earthquake, Gain as Global Demand Drives Exports - Bloomberg
Subject: Quake-prone California questions nuclear safety - Reuters
Subject: Yen slips as risk aversion flows subside - Reuters
Subject: Japan Adds to Global Economy Woes
Subject: Apple delays Ipad 2 launch in Japan - Inquirer
Subject: European hospitals may aid Japan