Print
|
Send on Yahoo!
|
PDF version
|
RSS
|
Filed Under: SPAM REVIEW
The Spam Omelette #4
Welcome to the fourth issue of the Spam Omelette! It’s been a month now since we started our visual trip into the spam world, but those of you who haven’t got acquainted with our testing and spam map generation methodology should check out our first material in the series.
1. The Nigerian scammer says PLEASE
Today's top word in spam is PLEASE. Deeper analysis revealed that it is mostly encountered in Nigerian scam messages. This specific e-mail follows the same pattern: a dead, filthy-rich relative allegedly left a huge amount of money to the receiver. Unlike other messages, the attacker reveals only a few details about the entire operation, but instead, they ask the victim to personally contact them via e-mail for further instructions.
2. Have some pills delivered via EMAIL
The word "EMAIL" ranks second in our weekly top and is mostly encountered in messages advertising products. However, as the users click the embedded link, they are redirected to a classical Canadian Pharmacy page. Ironically enough, the receiver is advised to forward the message to the rest of the contacts in the receiver's address book.
Although the vast majority of spam messages come with an "unsubscribe" link to add extra legitimacy to the message, clicking it is not recommended, as it would only confirm the receiver's e-mail address as active and used by a human operator.
3. You are one CLICK away from the great prize
BitDefender identified two distinct spam campaigns containing the word "click". The first one (and, at the same time, the largest) advertises the services of a new online casino. In order to make the receiver open the message, spammers use a generic subject: "You have 1 unread message". Moreover, the message also contains extra text, in order to trick Bayesian scanners and to avoid detection.
The second spam campaign promotes penis enlargement pills. It only contains a single sentence and the word "click" that links to a Spanish website.
4. Crooked ways to deliver your MESSAGE
Ranking fourth in our weekly spam top, the word "message" mostly occurs in messages sent using the NDR technique. NDR stands for Non-delivery report, a return email message to a sender indicating failed message delivery.
In order to send this type of messages, spammers willingly send mails to inexistent recipients, but they forge the Return Path in such a manner, that the message would actually bounce into the victim's mailbox.
5. Advertised as NEW, but actually old
The word "NEW" concludes our spam report for this week. It is mostly encountered in the same type of messages we detected two weeks ago (when it ranked second), namely an aggressive advertisement to online poker games. The message body remained unchanged, but the amount of sent messages decreased significantly.
What's new in the spam landscape?
Medicine spam dropped significantly over the last week, but German spam kept an ascending trend. Although the number of spam messages written in German is relatively smaller than its English counterparts, the presence of German words (Sich, Des, Ein, Hier, Bei, Auf, and Mit) in our weekly top should be enough of a warning about the rise of localized spam.
The Spam Omelette #3
Powered by