Print | Send on Yahoo! | PDF version | RSS | Filed Under: SPAM REVIEW

The Spam Omelette #12

Welcome to the twelfth issue of our Spam Omelette, the weekly review focused on the latest trends in the spam industry. Before moving forward with the material, please take a look at our testing and map generation methodology, as explained in our first issue.

Week in review: January 28 – February 4

 

We have been studying the spam landscape for more than twelve weeks now, but this week's report is quite special, as the total amount of German spam reached incredible proportions.

1. UND the winner is...

This week's top word is UND (German for AND). While we constantly eliminate common words in English in order to preserve relevancy, we do not filter common words in other languages. The word has been identified in unsolicited messages promoting explicit, adult video content.

2. EMAIL from Canadian Pharmacy

Just as we predicted in our previous issue of the Spam Omelette, Canadian Pharmacy strikes back in a new form. While previous campaigns were accompanied by relevant images related to sexual enhancement pills, the new spam wave only displays a discreet banner advertising "Shop Best Sellers".

This way, recipients can't tell whether the message is legitimate or not, and by the time they clear things out, they have already been presented the Canadian Pharmacy offering. The new strategy is more likely to pay off because spam victims have already got used to the old mail template used by spammers, but are unsure about what this type of messages really advertises.

3. Receive extra credit for online poker

Ranking third in our weekly spam top, the word "RECEIVE" has been detected in messages sent by online gambling website PokerSavvy. This week's campaign asks receivers to start inviting their friends to the poker table in exchange of extra credit points.

In order to promote these services, PokerSavvy uses the services offered by marketing company Bronto, but they also ask their members to spam their contacts with referrer links.

4. UNSUBSCRIBE tricks never die

Although the Canadian Pharmacy spam was rebranded, the old template hasn't been completely discarded. BitDefender's honeypot network is still collecting significant amounts of messages impersonating legitimate newsletters. As usually, the spam message contains a disclaimer mentioning a trustworthy company (such as Microsoft, for instance) as well as a forged unsubscribe link that only validates victims' email addresses as being in use.

5. TIME is money, but spam is a treasure

The word TIME ranks last in our weekly top and has been detected in messages advertising Canadian Pharmacy drugs. It seems like the company is trying to catch up for its prolonged absence from the spam scene.

What's new in the spam landscape?

• German spam has reached alarming proportions: und, sie, von, der, dem and arbeit are now visible on the generated spam map.
• Canadian Pharmacy is back in business as the most important source of unsolicited messages. Spam messages advertising their products are now more discreet and give no clues about the fact that the embedded link would take the user to an online drugstore.