Buy now and install on all your devices from one easy email. X

April Fools! You've Been Spamvertised

Exposing the dark underbelly of fraudulent email campaigns

April Fools!!

Before we get into the nitty gritty, let's define Spamvertising. Spamvertising is the combination of the words "spam" and "advertising." It's the super nasty stuff that arrives in your email inbox and, recently, even in your Facebook messages.

All you have to do is click on one link within a message and spamvertising sends you to fake pharmaceutical, pornography, credit card, gaming, or company websites in the hopes that you'll fork over your personal or financial information.

Cybercriminals lure you into visiting these vandalized websites through some relatively convincing messaging, which is usually laced with some sort of urgent request. And while recent collaborations between email and website providers are making progress toward obliterating spam, our natural curiosity to click remains a boon for cybercriminals.

So let's take a look at three spamvertising campaigns that have been uncovered by our very own threat blogger extraordinaire, Dancho Danchev, so that we might be better prepared for the bad stuff in the future.

Lesson 1: Spamvertising Facebook
This is an example of a spamvertising campaign that uses Facebook as a vessel for fraud.

April Fools!!

This message doesn't look like the junk you get in your email inbox, so you may be swayed to click on the link. Besides, the message could be about those Snoop Dogg tickets your friend was supposed to buy you for your birthday. So imagine your shock when the ostensibly truthful message directs you to the pharmaceutical items shop below.

April Fools!!

Ding, ding! You've been spamvertised.

So how do you know that the above message is spam? One clue is the spelling error. Did you catch it? They spelled the word "receive" incorrectly, and spelling mistakes are typically red flag for scams. Another clue is that Facebook messages have a link at the bottom of the message that directs you to unsubscribe or edit your Facebook email notification settings.

Lesson 2: Spamvertising Familiar Companies
In this example, cybercriminals imitate Hallmark to entice you to click.

April Fools!!

This message is dangerous for a few reasons: First, numerous links contain the word "Hallmark," including a fake link to the Hallmark website, so your brain tells you this message is safe. Second, the cybercriminals know that just the mention of a privacy policy can lead to enough trust to click.

Once you click, however, you won't be getting a lovely e-card from your long-lost cousin, Randy. Nope, you'll get a harrowing malware injection instead. Spamvertised again!

So what are the clues that this fake Hallmark message is spamvertising? Well, the weird capitalization and formatting are a few clues-we know this from the last example. But another way you can figure it out is by hovering over the link-but don't click!–to reveal the real website destination. For most Internet browsers, once you hover over a link, the destination URL is shown at the bottom-left corner of your window.

Lesson #3: Spamvertising Credit Card Carriers
Cybercriminals have also found success by impersonating Citibank and other card carriers.

April Fools!!

Can you sense the urgent tone of this email? "Failure to provide," "account suspension," "unauthorized login"–these phrases cause a reaction in our brain that begs us to fix the situation. But once you click on that link, you'll be exposed to a fraudulent Citibank-themed web site that requests–er, steals–your account data. Doesn't the site below look real?

April Fools!!

So what are the warning signs in this message? If you used the previous two examples as a guide, you probably spotted the formatting and grammatical errors. You may have even noticed the strange wording on their link. Nice job. But there is one more clue that is inherent of most spamvertising: The email is not addressed to you personally. Impersonal greetings such as "Dear Client" or "Dear Customer" are an easy ways to spot spam (your credit card company should probably know who you are, right?).

Moving Forward
The cybercriminals are getting smarter, despite their inability to formulate logical sentences. For example, in an attempt to bypass anti-spam filters, spammers are now using image files containing the message of the email, instead of using plain text and the simple characters that typically trigger anti-spam mechanisms. That's a smart workaround.

The truth is, many of us will be tempted to click on their bogus messaging (curse you, curiosity!) no matter how much education we have on the subject. Be vigilant when interacting with email from unknown sources.

So before you move on with the rest of your day, take these 7 spam-spotting tips with you:

  1. Install computer security that catches spamvertising
  2. Do not provide personal information to any unsolicited requests for information
  3. If you suspect you've received spamvertising, contact the company that is the subject of the email by phone to check that the message is legitimate
  4. Type in a trusted URL for a company's site into the address bar of your browser to bypass the link in a suspected spam message
  5. Use varied and complex passwords for all your accounts
  6. Continually check the accuracy of personal accounts and deal with any discrepancies right away
  7. Practice safe email protocol:
  1. Don't open messages from unknown senders
  2. Immediately delete messages you suspect to be spam

Webroot® SecureAnywhere Essentials and Webroot SecureAnywhere Complete customers receive automatic spam and phishing protection. Click here to learn more.

Past Newsletters

2014 Newsletters
March Newsletter
June Newsletter
2013 Newsletters
October Newsletter
July Newsletter
April Newsletter
January Newsletter
2012 Newsletters
December Newsletter
November Newsletter
October Newsletter
September Newsletter
August Newsletter
July Newsletter
June Newsletter
May Newsletter
April Newsletter
March Newsletter
February Newsletter
January Newsletter
2011 Newsletters
December Newsletter
November Newsletter
October Newsletter
September Newsletter
August Newsletter
July Newsletter
June Newsletter