TrendLabs observed an increase in malicious medical advertisements spammed to users’ e-mail inboxes. Two of the samples our engineers obtained looked legitimate, even had professional-looking graphics (see Figures 1 and 2). Another was just the normal, everyday, plain-text spam (see Figure 3).

The spammed messages enticed recipients to purchase the medicines the scammers were selling. These lured recipients with supposed huge discounts, ranging from 70–80 percent off of all products. The messages also sported links that when clicked redirected users to a spoofed online store that sold male organ-enhancing pills.

More recently, a spam run that uses a new feature was discovered. Instead of asking recipients to click an embedded link or an image, it asked them to open the .JPG file attachment—an image of Viagra and Cialis—along with the line, “DO NOT CLICK, JUST ENTER (a particular URL) IN YOUR BROWSER.” The spammed messages also contained a series of salad words to avoid being filtered (see Figure 4).

Trend Micro™ Smart Protection Network™ protects product users from this threat by preventing the spammed messages from even reaching users’ inboxes via the email reputation service. It also blocks access to malicious sites via the Web reputation service.

Non-Trend Micro product users may also benefit from using free tools like eMail ID, a browser plug-in that helps users identify legitimate email messages in their inboxes.

Additional text by Trend Micro anti-spam research engineer Gedrick Lacson