The Spam Omelette #53 - When Winning Actually Means Losing

Week in Review: November 3 - December 2

1. UNSUBSCRIBE links are back in the game

During the past weeks, newsletter-based spam has witnessed a slight decrease, along with the "main course" it serves: medicine spam. However, the word UNSUBSCRIBE is back in top and has been mostly identified in messages advertising sexual enhancement drugs from Canadian Pharmacy. The message features an invalid unsubscribe link and is sent on the behalf of Yrqnuveixu Inc (a random 10-letter combination that is probably generated by the Pushdo botnet).

2. EMAILs from Viagra

Ranking second in this week's spam top, the word EMAIL has been detected by BitDefender's spam researchers in a medium-size wave of unsolicited mail allegedly advertising Viagra pills. The message headers have been forged to hide the initial originator and all links to Viagra.com have been spoofed to send the user to http://bef.[removed]xeb.cn/ (a clone of the Canadian Pharmacy website).

3. Turkish SITE offering tips & tricks

The word SITE has been detected in a less-than-usual spam wave primarily targeting Turkish web users. The e-mail is written in Turkish only and advertises a "new method" of making money online.  In order to start their own business online, the victim has to purchase an electronic book on how to implement and optimize the Google's Adsense revenue system on their websites.

4. More PILLS delivered directly in your inbox

Initially spotted in early May, Acai berry spam makes a dramatic comeback on the fourth place. Disguised as a testimonial from a happy customer, the message includes a link to a website that sells the actual product.

5. Message from a scammer

Ranking last in this week's issue of the Spam Omelette, the word MESSAGE is mostly present in a medium-sized spam wave announcing the user that they are about to receive $15.3 million via courier services. All the victim has to do is reply the mail or contact the scammer by phone and provide them with their full name and address, telephone and mobile numbers and (surprisingly) a copy of their International Passport or Driver's License. Please note that this is not a joke that would eventually leave you without a certain amount of money, but a fully-fledged identity theft scheme that would dramatically impact on your life. Never reply this kind of message and - most important - never provide unknown persons personal information or copies of your documents.