Symantec Connect
  • Login
  • Register
  • All of Connect
    • All of Connect
    • Backup and Archiving
    • Endpoint Management & Virtualization
    • Storage and Clustering
    • Security
    • Inside Symantec
    • Vision User Conference
    • Partners
    • Developers
    •  
  • Overview
  • Forums
  • Articles
  • Blogs
  • Downloads
  • Events
  • Videos
  • Groups
  • Ideas

Security Response: Showing posts by Amanda Grady: Showing posts in EnglishSyndicate content

Login to participate
Glued Body Spam Attacks
Amanda Grady | May 5, 2009
0 comments

Spam messages with empty bodies are often associated with “directory harvest attacks,” which is a spamming technique where email servers are bombarded with thousands of emails in the hope of discovering the valid ones; or it may be that the call to action is entirely contained in the subject line (as is described here). In recent weeks Symantec has been observing a different type of blank-body spam attack.

In these attacks, when the message arrives on the end-user’s machine, the “subject,” “from” line, “to” line, and “body” are all completely blank. If the full message headers are examined, a typical pharmaceutical spam advertisement can been seen in the message headers, along with the content headers from the data stage of the SMTP conversation, as shown below.

 

...

Read more
Tags: Endpoint Protection (AntiVirus), Security, Spam, Security Response
A Spammer Has Sent You a Message
Amanda Grady | January 7, 2009
0 comments

Symantec has observed at least two major social networking sites being spoofed in spam attacks this week. The spam is likely hitching a ride on the back of a recent phishing scam, as discussed on our Norton Protection Blog. The spam emails appear to be official notifications from the social networking sites, with identical subject line formats. The headers of the messages, such as message ID, received lines, and even the custom X-headers have been carefully crafted to closely mimic a legitimate email as closely as possible.

The lure of the emails is the promise of a free mobile phone. There are two different attack vectors being used. In the first variation the user is invited to click directly on a link in the email. In some cases, a free blogging site is used as an intermediary to...

Read more
Tags: Endpoint Protection (AntiVirus), Security, Spam, Security Response
Casino Spam Rolling Higher
Amanda Grady | November 28, 2008
0 comments

In recent weeks, Symantec has observed an increase in messages promoting online casinos, typically offering a cash bonus or VIP treatment. Leisure spam (defined as email attacks offering or advertising prizes, awards, or discounted leisure activities) has accounted for up to 10% of spam globally during early November. 

 

As we reported in the March 2007 State of Spam report, these attacks are often translated into many different European languages in order to maximize the reach of the attack. The URLs are quickly changed from message to message, with a simple directory change for each European language–a French example is shown below. Spammers change the URLs frequently in order to try and stay ahead of URL-based anti-spam filters. Symantec uses more than 20 different filtering technologies in order to...

Read more
Tags: Endpoint Protection (AntiVirus), Security, Spam, Security Response

About Security Response Blog

Our security research centers around the world provide unparalleled analysis of and protection from malware, security risks, vulnerabilities, and spam.
Filter by:

Blog Tags

10.x 11.x 9.x and Earlier Antivirus2010 Backdoor.Tidserv Brightmail Gateway Emerging Threats Endpoint Encryption Endpoint Protection (AntiVirus) Endpoint Protection Small Business Enterprise Security Manager Evolution of Security General Symantec IT Healthcare Landscape IT Risk Management Internet Security Threat Report Live PC Care Malicious Code Misleading Applications Mobile & Wireless Online Fraud Password Management Restore Security Security Risks Spam Sykipot SymbOS.Exy Symbian Trojan.FakeAV Trojan.Zbot VirusDoctor Vulnerabilities & Exploits Windows Zeus
© 2010
  • Symantec Corporation
  • Contact Us
  • Get RSS
  • Privacy Policy
  • Symantec.com