February has begun, and as they say, love is in the air.
Along with pharma spam, that is.
We have recently found spammed messages posing as an invoice from iTunes in its e-mail subject but contains an advertisement for a “special Valentine’s day sale” containing links that lead to pharma websites.
Figure 1. Spammed messages pretending to be from iTunes
iTunes garnered an estimated 3.34 billion dollars in sales for 2008, and the numbers for early 2009 are quite promising as well. With the great success and vast number of customers, this pretty much explains the usage of iTunes to lure users into pharma sites.
On the other hand, the other spam run takes advantage of timeliness. Arriving on users’ inboxes as an advertisement for a Valentine’s Day sale, it displays images of the jewelry that are supposedly on sale. Moreover, he email messages are altered so that the address in the From: field contains a Trend Micro-related email address. This kind of technique to evade spam filters has been seen before, which may suggest that this was possibly done by the same spammer.
Figure 2.Spam pretending to be an ad for a valentines’ day sale
Clicking the image connects the user to nothing else but the fake Canadian pharmacy website.
Figure 3.Fake Canadian Pharmacy website
Additional text by Jonathan Leopando.