Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:


  • Recent Posts

  • Calendar

    April 2015
    S M T W T F S
    « Mar    
     1234
    567891011
    12131415161718
    19202122232425
    2627282930  
  • Email Subscription

  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for the ‘Spam’ Category




    Cybercriminals have been taking advantage of tax season for years. While we have seen tax seasons involving countries like Australia and the U.K., it appears that cybercriminals tend to heavily favor the use of Internal Revenue Service (IRS) scams, especially during the US tax season. Over the years, the attackers’ means may have evolved but their goal remains the same—to trick victims into giving out personal information or money. Our new research paper, A Profile of IRS Scammers: Behind Tax Fraud, takes an ...

    Posted in Malware, Spam |



    Recently, we’ve come across an interesting spam campaign aimed at French users. The campaign itself uses a well-crafted lure that is likely to catch the attention of its would-be victims. In addition, the malware used - the GootKit backdoor - contains several unusual technical characteristics. Both of these highlight how this campaign was quite well thought-out on the part of the attackers. Spam: Using the French Ministry of Justice This campaign starts with email in French that uses varying subject lines: Copy du jugement (translated ...

    Posted in Malware, Spam | 1 TrackBack »



    Early this year Microsoft reported an increase in macro-related threats being used to spread malware via spam. Similarly, we’ve been seeing a drastic increase in spammed emails with attached Microsoft Word documents and Microsoft Excel spreadsheets that come with embedded macros. Macros are a set of commands or code that are meant to help automate certain tasks, but recently the bad guys have yet again been utilizing this heavily to automate their malware-related tasks as well. Here are some recent blog ...

    Posted in Malware, Spam | 1 TrackBack »


    Mar23
    11:19 am (UTC-7)   |    by

    Recently I discussed how TorrentLocker spam was using email authentication for its spam runs. At the time, I suggested that these spam runs were using email authentication to gather information about victim networks and potentially improve the ability to evade spam filters. DomainKeys Identified Mail's (DKIM) own specification mentions the possibility of messages with from “trusted sources” and with a valid signature being whitelisted. Since then, we’ve received several replies that differ with our findings. One of these was Martijn Grooten at Virus Bulletin, who argued that ...

    Posted in Spam | TrackBacks (2) »


    Mar22
    9:22 pm (UTC-7)   |    by

    Analysis by Marshall Chen, Yi Lee, and Joe Wu Brand owners frequently use SPF and DKIM to protect their brands from email forgery. For example, a brand owner could register the same domain name under multiple top-level domains (TLDs) (such as .com, .net, .org, etcetera) and announce SPF/DKIM records for all of these domains (even if they were not actively being used). While generally effective, there is one loophole: what about the .gov TLD? This loophole was recently exploited in a massive phishing attack against American Express, which started ...

    Posted in Spam | TrackBacks (2) »


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice