Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
  • Email Subscription

  • About Us

    2010 has been an active year both for spammers and anti-spammers alike. No new spamming techniques or tricks were used in 2010. However, the spammers kept the spam threat alive and kicking by recycling old tricks and combining popular spamming techniques seen in the past. Here are some of the notable spam types and techniques that continued to circulate this past year.

    Pharmaceutical and other health-related spam remained the most notorious type throughout the year. This spam type was not limited to selling pharmaceutical products online, the spammers also used these messages to disguise their phishing and malware attacks.

    Phishing attacks not only targeted banks. Phishers gradually switched their focus to target popular social networking sites such as Facebook, Twitter, MySpace, and the like. Sometimes, links in email messages redirected users to fake sites where their credentials were stolen. At other times, the links led to affiliate marketing sites such as online pharmacies or replica product websites.

    Social engineering was on the rise all year long using different noteworthy events and topics like the tax season, Wikileaks, and social networking sites to spread malware.

    Online gambling and casino-related spammed messages were especially prevalent in Europe where such activities were less strictly regulated than in North America. This spam type was frequently seen written in Spanish. Similarly, German was used in many spammed messages selling replicas in the third quarter as well. Other non-English spammed messages contained dating, adult, and commercial content.

    Nigerian scams and fake lottery notifications also continued to proliferate in 2010. We saw multiple variants presented in different styles and used varying techniques.

    Spam that carried malicious files or links to malware were also seen in 2010 with the proliferation of malware-related spam or “mal-spam” outbreaks. These frequently used conversational sentences such as “Thanks! Best Regards” with a personal signature at the end of email. The malware were attached to such messages.

    Breaking news events—real or otherwise—were also used such as a popular actor/actress supposedly getting into a car accident with a link or attachment that led to malware. Other mal-spam also used online postcard greetings to get users to go to malicious links or to download malicious attachments.

    Another type of spam that was frequently seen this year was salad word spam. The content of this type was noncommercial, nonadvertising, and nonbusiness related in nature. It could be an article or extracted from a website or even a paragraph from a biography. Some salad spam had no meaning while others were written with poor grammar. Some contained as few as 2–3 random characters. It’s possible, in fact, that these messages were sent more to gather “live” email addresses rather than to actually conduct attacks.

    Some of the most common spamming techniques in 2010 were:

    • Embedded images in messages were actually downloaded from URLs. Salad words were added at the end of the main mail body.
    • Messages were made to resemble legitimate email messages from well-known sites such as Amazon but the link actually led to Canadian pharmacy sites.
    • The messages’ body contained salad words while .ZIP file attachments contains an image that linked to a site where the actual content was located.
    • Spammed messages with only one URL in the message body and very few or no other words.
    • Using HTML tricks to make large numbers of salad words at the bottom of the email message invisible.

    One fact we noticed last year was that more spammed messages were prone to present their messages not only in the email body but also in the attachment. Examples of these include:

    • Medical spam with a .ZIP file attachment that contained an image
    • Fake lottery notification messages that also used .DOC and .PDF files
    • Scam mail that used .DOC files for actual messages

    Overall, there wasn’t much change in 2010 as far as spam was concerned. What we did see were tweaks and relatively minor changes to what we saw in previous years.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice