Spam

Since yesterday, our lab has detected a flood of email messages that seem to contain a Microsoft Update, but it’s actually malware. We’ve seen around 3,000 in a few hours. The message is like the following: This email, which seems to have been sent by the Microsoft Support team, informs you that a new security update for Outlook/Outlook Express has been released. It’s a critical update, so it’s better to install it as soon as possible. ...

We were made aware that phishing for Skype credentials is currently taking place. The link the phishing mails direct to are dangerous – they aren’t detected by any phishing filter of the popular browsers yet. One thing caught my attention. Modern browsers should support domain highlighting so that the real domain is visible when someone surfs the Internet. Like Internet Explorer 8 properly does: There you can clearly see that you are not on the Skype website, but on another domain. ...

I am a very lucky guy. In fact, I must be the luckiest person in the world since spammers like to send all kinds of lucky spam to me. These days, I get inundated with lucky spam. The last spam I had, I got offered a free gift card if I purchased some Viagra from them. Wow. On other days, asking me to lose my weight results in instant chances of winning a lottery at the same time and all of this is due to my lucky email address. ...

This week we’ve seen a spam campaign aimed at separating unsuspecting users from their iPhone details. Messages have the subject “IMPORTANT: Your iPhone Warranty Extension for 1 Year!”, pretend to be sent from “[email protected]”, and look as follows (click to enlarge the image): Recipients who feel like they can’t let this limited-time too-good-to-be-true special offer pass them by will find themselves redirected to the following page: ...

The European Network and Information Security Agency (ENISA) has released a report that says 95 percent of all email is now spam. The report was based on surveying last year of email traffic by about 100 service providers in 30 countries. ENISA Executive Director Dr. Udo Helmbrecht said: “Spam remains an unnecessary, time consuming and costly burden for Europe. Given the number of spam messages observed, I can only conclude more dedicated efforts must be undertaken. _ _ “Email providers should be better at monitoring spam and identifying the source. Policy-makers and regulatory authorities should clarify the conflicts between spam-filtering, privacy, and obligation to deliver.” ...

Notable highlights this month include the shift of the regions of message origin, and changes in the average size of spam messages. In recent months, APJ and South America have been taking the spam share away from the traditional leaders of North America and EMEA. However, North America and EMEA together sent 57 percent of spam messages in December 2009, compared with 50 percent in November 2009. With respect to the average size of the messages, the 2kb – 5kb message size category increased by seven percent, while the 5kb – 10kb message size category decreased by six percent in December 2009. With respect to all spam categories, health and product spam have increased and now account for 52 percent of all spam messages. Click here to download the January 2010 State of Spam Report, which highlights the following trends: ...

The spammers and malware authors profited of the holiday time when a lot of people are at home and sent a large amount of emails just before the official free days. As can be seen in the graphic below, we registered a higher activity in the two days before the holidays and immediately after them. The red bars are either weekend days or holidays (25.12 and 1.1). What kind of spam was sent? ...

Angelina Jolie and Barack Obama are the #1 celeb subjects of choice for spammers, according to McAfee January Spam Report. The report also reveals: • The top 25 men and women that were spammed • Chinese pharma spam isn’t going away – in fact, on Dec 14, spam levels skyrocketed with subject lines advertising discounts on Pfizer drugs • “Free-hosting” websites to provide spam URLs has become a major target for spammers ...

The Internet Storm Center reports that malware which claims to be “new Outlook Web Access settings” is still being sent out by cyber criminals. We saw those malware emails in the middle of October already.

I recently received a suspicious Gmail chat message from a friend (shown below). I was immediately suspicious about the message because this friend has never used chat to talk with me previously, and also he appeared to be offline and the content of the message was similar to messages that other instant messaging worms use. I expected that when I clicked on the link I would be asked to download an executable thinly disguised as a photo (for example, coolpic.jpg.exe) like W32.Scrimge.E or that some drive-by exploits would be used on the page such as the ones Koobface uses. Instead I was brought to the following page that asked me to log in to my choice of MSN, Yahoo, Gtalk, or AIM accounts to view the “private album.” ...