Posts Categorized: spam


Spamvertised ‘Your Amazon.com order confirmation’ emails serving client-side exploits and malware

by

Everyone uses Amazon! At least that’s what the cybercriminals are hoping.  Cybercriminals are currently spamvertising millions of emails impersonating Amazon.com Inc. in an attempt to trick end and corporate users into clicking on the malicious links found in the emails. More details:

Continue Reading »

Spamvertised ‘DHL Package delivery report’ emails serving malware

by

Cybercriminals are currently spamvertising millions of emails impersonating DHL in an attempt trick end and corporate users into downloading and executing the malicious .zip file attached to the emails. More details:

Continue Reading »

Spamvertised ‘UPS Delivery Notification’ emails serving client-side exploits and malware

by

Think you received a package? Think again. Cybercriminals are currently spamvertising millions of emails impersonating UPS (United Parcel Service) in an attempt to trick users into downloading the viewing the malicious .html attachment. More details:

Continue Reading »

Skype propagating Trojan targets Syrian activists

by

The Electronic Frontier Foundation (EFF) is reporting on a recently intercepted malicious documents distributed over Skype, apparently targeting Syrian activists. Upon viewing the document, it drops additional files on the infected hosts, and opens a backdoor allowing the cyber spies behind the campaign access to the infected PC.  Webroot has obtained a copy of the malware and analyzed its malicious payload. More details:

Continue Reading »

‘Windstream bill’ themed emails serving client-side exploits and malware

by

Cybercriminals are currently spamvertising millions of emails impersonating the Windstream Corporation, in an attempt to trick end and corporate users into clicking on links found in the malicious email. Upon clicking on the links hosted on compromised web sites, users are exposed to client-side exploits served by the BlackHole web malware exploitation kit. More details:

Continue Reading »

Pop-ups at popular torrent trackers serving W32/Casonline adware

by

Everyone knows that there’s no such thing as free lunch. The same goes for freely distributed pirated content online. Recently, Webroot decided to sample malicious activity within some of the most popular Eastern European torrent trackers, based in Bulgaria, Ukraine, and Romania for starters. The results? Countless backdoored key generators and cracks for popular games and software, and most interestingly, monetization of the huge traffic by delivering pop-ups promoting the ubiquitous W32/Casonline adware, which in case you remember was recently spamvertised to millions of end and corporate users. More details:

Continue Reading »

Spamvertised CareerBuilder themed emails serving client-side exploits and malware

by

End and corporate users, and especially CareerBuilder users, beware! Cybercriminals are currently spamvertising millions of emails impersonating the popular jobs portal CareerBuilder in an attempt to trick users into  clicking on client-side exploits serving links. The current campaign, originally circulating in the wild since 26 Apr, 2012, is a great example of a lack of QA (quality assurance) since they’re spamvertising a binary that’s largely detected by the security community. More details:

Continue Reading »

Spamvertised ‘YouTube Video Approved’ and ‘Twitter Support” themed emails lead to pharmaceutical scams

by

Just like true marketers interested in improving the click-through rates of their campaign, pharmaceutical scammers are constantly looking for new ways to attract traffic to their fraudulent sites. From compromised web shells on web sites with high page rank, the impersonation of legitimate brands, to the development of co-branding campaigns, pharmaceutical scammers persistently rotate the traffic acquisition tactics in an attempt to trick more end users into purchasing their counterfeit pharmaceutical items. In this post, I’ll profile two currently spamvertised campaigns impersonating YouTube and Twitter, ultimately redirecting end users to pharmaceutical scams. More details:

Continue Reading »

Spamvertised bogus online casino themed emails serving adware

by

Cybercriminals are currently spamvertising online casino themed emails, which ultimately redirect users to a bogus casino site offering an executable download. Upon deeper examination, it appears that the download is actually adware. More details:

Continue Reading »

A peek inside a managed spam service

by

Just how easy is it to become a spammer in 2012? Too easy to be true. Especially in times when everything needed to become a spammer, starting for a managed spam appliance, DIY email harvesters, and millions of harvested emails, are available for sale within the cybercrime ecosystem. Despite the numerous botnet take downs we’ve seen in recent years, spam and phishing attacks continue plaguing millions of end and corporate users, potentially exposing them to malicious links, malicious payloads and fraudulent propositions. In this post, I’ll profile a Russian managed spam service that’s been in operation for 5 years, allowing […]

Continue Reading »