Malware City/Blog/

Jul
15
Filed Under:
SPAM REVIEW

The Spam Omelette #33 – Tedroo is Back in Town

15 July 2009
Welcome to the Spam Omelette, BitDefender’s weekly newsletter on the latest spam trends and techniques. In order to accurately draw the spam chart, we analyze about 7 million spam messages. In case you missed our previous reports, please have a look on our testing methodology before reading any further.

Spam map 33

 

1. UNSUBSCRIBE links stronger than ever

Ranking first in this week's issue of the Spam Omelette, the word UNSUBSCRIBE is mostly encountered in unsolicited messages coming from Canadian Pharmacy. As usually, the unsubscribe links have been redirected to a Canadian Pharmacy website clone via Chinese domains acting as relays. Moreover, these domain names are composed of eight random characters and keep tabs of the mail addresses whose users have followed the embedded links.

Unsubscribe spam

2. PRIVACY is long dead

The word PRIVACY has also been identified mostly in medicine spam messages coming from Canadian Pharmacy. Almost as prominent as the number one entry in this week's spam top, the word is present in footer links embedded inside newsletter-like spam messages.

Privacy spam

3. CLICK anywhere - you'll only get spam!

Ranking third in this issue of the Spam Omelette, the word CLICK has been identified by the BitDefender spam analysts in multiple messages advertising medicine products. Although most of these messages send the user to a Canadian Pharmacy website clone, the spammer is using multiple templates and relies on various intriguing message subjects to lure unwary users into opening the mail.

Click spam

4. WebMD spoofed newsletters back on track

The word WebMD has been spotted in this week's spam map, after a couple of weeks of absence. It seems that WebMD is one of the favorite visual identities for spammers. However, the re-emergence of WebMD in our weekly top does not only hint on the fact that Canadian Pharmacy has re-enforced its spam business, but also that more and more computers fall victim to Trojan.Spammer.Tedroo, the spam bot responsible for this kind of messages.

WebMD spam

5. Fresh out of the oven: DIPLOMA spam

Educational spam is once again on the rise in a troubled economic environment with fewer employment opportunities. These messages try to persuade users into buying "fully-accredited university degrees" - actually worthless sheets of paper issued by miscellaneous private organizations. BitDefender's spam analysts estimate that academic spam accounts for more than one percent of the total amount of worldwide spam.

Diploma Spam





By Bogdan Botezatu
Bogdan never trusts anything until it is disassembled into small pieces and carefully inspected. The passion for writing and the almost obsessive attention to details are some of his greatest qualities and, at the same time, some of his greatest flaws.

Related

01-07-2009 | The Spam Omelette #32 – On Job Offerings and MSN Newsletters

24-06-2009 | The Spam Omelette #31

18-06-2009 | The Spam Omelette #30

11-06-2009 | The Spam Omelette #29 – New Spam Techniques Ramping Up

Comment on this

Name:

Email:

Website:

Your email adress will not be published.