Spam turns thirty this month, and it has no signs of abating.
Throughout the years, bulk mail has only morphed into various different forms (from text, to images, some bearing attachments, some links), with some forms evolving from mere unsolicited advertisements, to harbingers of phishing and even malware attacks.
On the antispam work grind, however, things look a little bit too familiar: the spammers faking “Better Business Bureau” (BBB) are at it again.
Unfortunate recipients who click on the link are brought to the following Web site:
This site requires” IE 5.5 or higher, which is incredibly strange, considering that the latest IE version today is already at 7. The 65kb file downloaded from the link (named ACROBAT.EXE) is detected as TROJ_AGENT.AOAR.
Around the same time last year we caught spam pretending to come from BBB telling the recipients that a complaint has been filed against them. The spam comes with an attachment which is actually TROJ_ARTIEF.A.
In a more recent instance, our Content Security team has found a phishing email which asks the user to visit a booby-trapped site. However, when a victim visits the site, the Web site displays a message informing them that an ActiveX control is required to view the page. Downloading the ActiveX control is, of course, not a good idea.
While these spammers never grow tired of recycling old tricks, it seems users are just as wont to open email messages out of curiousity anyways. Users are highly advised to activate antispam filters in their email applications along with antispam features that come with their security suite.