The Spam Omelette #57 – On Twitter Spamming Tools and Russian Pharmacy
Welcome to a new issue of our Spam Omelette, the weekly review focused on the latest trends in the spam industry. Before moving forward with the material, please take a look at our testing and map generation methodology, as explained in our first issue.
Week in Review: January 27 - February 2
Medicine spam is here to stay, or at least that is what the findings of the second E-Threats Landscape Report for 2009 revealed. With Canadian Pharmacy and MaxGentleman as the two most notorious contenders in the medicine spam industry, the spam landscape hasn't changed much in a while.
If you have been with us since the beginning, then you have probably noticed that the top 5 words associated with spam have remained relatively unchanged and usually reflect the footer line of a regular newsletter (Unsubscribe, Privacy, Policy, Copyright and E-Mail). In order to stay relevant, we will not go into detail on any of these words unless they are exploited in a new way.
1. WebMD ads leading to Canadian Pharmacy
Ranking first in this week's issue of the Spam Omelette, the brand name WebMD is found in forged newsletters sent by Canadian Pharmacy on behalf of WebMD. As we mentioned before, WebMD is a legitimate e-zine dealing with news from the healthcare industry, which makes the brand more appealing to medicine spammers.
It seems that Canadian Pharmacy has been expanding its business in recent weeks: while during 2009 we saw these ads leading to a China-based web domain, the new spam wave points the unwary visitor to a Russian webpage. All in all, the spammer still sticks to countries where antispam legislation is either lax or totally absent.
2. E-Mail Bait for Haiti
Spammers and cyber-criminals are always ready to seize new opportunities around extraordinary events. This was the case with the ill-fated Storm Worm, and now history repeats itself with the Haiti earthquake. This specific spam wave asks people to donate a variable amount of money to the victims of the Haiti earthquake. The message is written in extremely poor English and is full of spelling errors, the first hint that it is not sent by a legitimate organization. Unwary recipients who choose to follow the request will most likely donate to a criminal organization.

3. If you've got any difficulties, click here
The word DIFFICULTY ranks third in BitDefender's spam top for the previous week. This new addition to the Spam Omelette is mostly found in messages containing pictures and comes as a piece of advice for people whose mail filters managed to block the image. When clicked, the link will redirect the user to a Canadian Pharmacy clone website.
4. Give us your ADDRESS, we'll send you money
The word ADDRESS has been identified by the BitDefender spam researchers in a medium-sized spam wave informing its victims that they have won GBP500,000 at the Coca-Cola Donation Raffle. In order to get their prize, users must first reply to the message and provide a couple of personal details that may be used in identity theft schemes, spear phishing attacks or even as contact information for various types of spamming.

5. SOFTWARE, the new cash cow in town
The word SOFTWARE concludes this week's issue of the Spam Omelette and has been identified in multiple spam waves. We have already covered pirated software offerings disguised as OEM deals in our previous spam reports. This week's "deal" advertises a get-rich scheme that would allegedly bring the victim about $2500 a day. Called the Turbo Cash generator, the advertised software utility is actually a Twitter spamming tool that posts links to a specific website on other users' accounts. If taken, the "deal" would not only get you banned from Twitter, but would also bring your business a bad reputation.












