Spammers are Excel-ing, literally. Text and image spam as PDF files are now old news as MS Excel enters the spam scene. Last July 22, Trend Micro researchers started noticing email messages that carry ZIP-packed Excel files. When opened, these Excel files stink of pump-and-dump schemes that spam mails are now notorious for. See images below:

Email

Zip Archive

Excel File

Using ZIP as carrier of malicious files is already a known routine of many malware families like WORM_BAGLE and TROJ_YABE. Using ZIP as carrier or as part of a spam scheme, however, is quite new and may be a social engineering tactic more than anything else. The fact that the email arrives as an Excel file packed in ZIP may have more to do with an attempt to lend credence to a stock-related email at a time when authorities are seriously running after pump-and-dump spammers. That the spammer chose Excel, an application usually associated with accounting ergo money, may not be a coincidence as well.

Spam Excel(s) now and it is not far off the mark that it Word(s) and PowerPoint(s) in the future…and Photoshop(s) and Outlook(s) and ….

Big Hollywood movies are usually fodder for spammers, who send out their wares just when anticipation for a certain feature film reaches fever pitch. This was observed earlier this year when The Pirates of the Caribbean: At World’s End and Harry Potter and the Order of the Phoenix came out.

The latest to become the target of a spam campaign is The Simpsons Movie set to premiere on the last week of July. The spammed email message contains an image of Homer Simpson sitting on a brown sofa, decked out in only a beer belly-baring Superman tee and white briefs.
Above his head is the question Will you go see the movie The Simpsons? and a call to action: Take our short survey now. When clicked, the image leads to a Web page that asks for a user’s email address which would be another legitimate address added to the long list of a spammer’s victims.

Trend Micro warns users to be wary of spam riding on a blockbuster release. These are not usually part of a big-budget campaign to market a film but rather a quite effective tactic for spammers to get what they want.