“Dating spam” is becoming more rampant recently, which is somewhat expected due to Valentine’s Day being just a couple of weeks away.
But some of this dating spam is quite unique, and has caught our attention, as the spammed message claims to be coming from Trend Micro:
Figure 1. Spammers work their charm to attract dateless users
Figure 2. Trend Micro email addresses used for the From field
The “From” field in the emails were tampered with to be able to evade spam filters. Also, a scheme called dictionary attack is used to send the spam mails:
Figure 3.Random email addresses used in dictionary attack
A Dictionary Attack is a spammer tactic wherein spam is sent to random addresses from a given domain, hoping that some of it will get through. Unknowing users who respond will have their email addresses validated and added to the spammers’ list, thus causing the users to receive more and more spam mails.
However, a quite interesting and comical twist happens in this case. Since the “From” addresses are forged, the spammers themselves aren’t getting the replies or even the bounces to the spammed messages they sent. This attack is apparently just a waste of resources for spammers.
This suits them right for trying to sneak past spam filters through us!
The Trend Micro Smart Protection Network already blocks the spammed messages, and Web users are always reminded to not trust spammed messages no matter what these messages say.