Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    September 2015
    S M T W T F S
    « Aug    
  • Email Subscription

  • About Us

    In the past few weeks, we’ve seen drastic and noteworthy increases in the number of health-related spam in the wild. Prior to September, this type of spam was relatively rare. However, as September began, these suddenly increased. Over the next few weeks, health-themed spam constituted 30% of the spam we saw, with an average of more than 2 million samples seen daily.

    These messages use different forms and templates, including online articles about losing weight, high-profile newsletters, and downright email advertisements peddling fake fitness products. Many of these messages claim to be from reputable news organizations like CBS, CNBC, CNN, the New York Times, and USA Today.



    Figures 1 and 2. Medical-themed spam messages

    They contain links that may lead users to a variety of dubious sites, including those selling fake products or involved in survey scams. Our research indicates that these messages were sent from a variety of countries, including India (10%), Spain (8%), Italy (7%) and the United States (6%).

    Overall, we’ve seen that these spam messages link to almost half a million distinct URLs.  However, these multiple URLs resolve to relatively few IP addresses. Two countries – the United States and Japan – accounted for the vast majority of traffic to these IP addresses:

    Figure 3. Distribution of user traffic

    We continue to look for indicators to determine the cause of this increasing traffic. It’s worth noting that this took place right after the Blackhole Exploit kit author’s arrest and the start of the registration period for the Affordable Care Act/Obamacare in the United States.

    Health and fitness is one of the common social engineering themes used by spammers to lure users into their schemes. Aside from the typical pharmaceutical company newsletter and weight-loss types, cybercriminals have tried using topics like Obamacare and even laboratory results.

    The continuous presence of this threat shows that spam is still a crucial part of today’s threat landscape. Users should remain extremely careful when opening messages from unverified sources. Relying on an email’s appearance is no longer an effective method for separating the wheat from the chaff. Trend Micro is continuously working to detect these threats.

    With additional insights from Paul Pajares

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon

    Comments are closed.


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice