Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:


  • Recent Posts

  • Calendar

    July 2015
    S M T W T F S
    « Jun    
     1234
    567891011
    12131415161718
    19202122232425
    262728293031  
  • Email Subscription

  • About Us


    Archive for the ‘Spam’ Category



    Mar22
    9:22 pm (UTC-7)   |    by

    Analysis by Marshall Chen, Yi Lee, and Joe Wu Brand owners frequently use SPF and DKIM to protect their brands from email forgery. For example, a brand owner could register the same domain name under multiple top-level domains (TLDs) (such as .com, .net, .org, etcetera) and announce SPF/DKIM records for all of these domains (even if they were not actively being used). While generally effective, there is one loophole: what about the .gov TLD? This loophole was recently exploited in a massive phishing attack against American Express, which started ...

    Posted in Spam | TrackBacks (2) »



    In monitoring the ransomware TorrentLocker, we noticed a new development in its arrival vector. In previous entries, we noted that a particular wave of the crypto-ransomware was using spammed messages that were designed to evade spam filters. Our research now shows that TorrentLocker malware are using emails that are designed to pass spam filters and also collect information. Using SPF to DMARC Previous spammed messages were authorized by the Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM). SPF provides a mechanism to allow ...

    Posted in Malware, Spam | Comments Off on TorrentLocker Ransomware Uses Email Authentication to Refine Spam Runs



    The malware UPATRE was gained much prominence following the demise of the Blackhole Exploit kit. It was since known as one of the top malware seen attached to spammed messages and continues to be so all throughout 2014 with particularly high numbers seen in the fourth quarter of the year. We have released our annual roundup where we talked about the different trends related to spam, and this entry offers a closer look. Looking back at 2014: Notable Spam Trends Based on our ...

    Posted in Spam | Comments Off on 2014 Spam Landscape: UPATRE Trojan Still Top Malware Attached to Spam



    2015 has just begun, but we're already seeing old problems crop up again - particularly the abuse of a lot of legitimate web sites. Since the start of the year, we've been seeing a significant increase in the number of spammed messages with links that lead to various Russian dating sites. Figure 1. Sample of dating site spam While messages of these types are fairly common, this recent wave is unusual in several ways. First, the level of dating site spam is higher than ...

    Posted in Spam | 1 TrackBack »



    Email authentication and validation is one method that is used to help bring down the levels of spam and phishing by identifying senders so that malicious emails can be identified and discarded. Two frameworks are in common usage today; these are SPF and DKIM. SPF (Sender Policy Framework): Defined in RFC 7208, SPF provides a mechanism to allow receivers to check that incoming mail from a domain is being sent from a host authorized by that domain's owner. The list of ...

    Posted in Spam | Comments Off on How Cybercriminals Dodge Email Authentication


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice