Spammers pin campaign on swine flu

Swine flu spam is spreading like a virus of its own and recently turned malicious.

Spam campaigns often start with harmless e-mail messages and slowly build into more serious threats, according to Stephan Chenette, manager of security research at Websense Inc.

"Spammers are generally very well connected with each other and see how well it's working. It always goes through the test phase," he said.

They test campaigns with less threatening approaches, share feedback with each other, figure out what works and what doesn't, and then launch increasingly harmful attacks, he explained.

"By us seeing they've increased the number of e-mails that are going out surrounding the swine flu, it indicates that so far it's been a very successful campaign," he said.

Websense has been tracking this latest trend, which has grown in the past week. The number of e-mail messages with subject lines related to swine flu is in the tens of thousands, according to Chenette.

The trend started off with traditional medical spam -- or medspam -- that didn't necessarily scam users, he said. "They were enticing the users by scaring them, but there were no malicious attachments."

Then the spam evolved into money-making schemes, with spammers trying to sell pharmaceuticals, medical devices and PDFs that contain generic information on the swine flu for $20 to $30, he explained.

"Medspam has always been something that spammers have used for making money and the fact that there's a flu-type symptom that allows them to sell their story in a more convincing way has been good for spammers," he said.

The first swine flu e-mail with a malicious attachment surfaced this week. Symantec Security Response analyzed the file, which poses as a PDF document of Swine Influenza FAQs.

"When users attempt to access the PDF file, malcode within the PDF attempts to exploit an old Adobe vulnerability (BID 33751) in order to drop malware on the local computer," said a Symantec report.

Symantec detects the malicious PDF as Bloodhound.Exploit.6 and the dropped file contained in the PDF as InfoStealer, a trojan. Symantec rates it a Level 1 threat -- on the low end of the scale.

Users who follow typical best practices don't have much to worry about, said Marc Fossi, manager of Symantec Security Response.

