Spam Campaigns go for RTF Documents

Posted by on Saturday, May 30th, 2009  |  3,197 views

A new spam strategy is in the wild. We spoke on a recent article that spammers were using a new trick to bypass anti-spam filters by adding the text on an image and send the image attached as file. Now it seems they changed from image to RTF document:

New Spam Strategy Screenshot

The attached file contains a redirect to a malicious link:

Malicious Link Screenshot

Malicious link details:

1
2
3
4
5
6
7
8
9
10
11
12
13
14

Domain: 9-000.com
Ip Address: 203.93.208.86
 
Administrative Contact:
Name : NIUJINGYI
Organization : NIUJINGYI
Address : CHANGFENGLU51
City : jiujiangshi
Province/State : jiangxisheng
Country : china
Postal Code : 332113
Phone Number : 86-0792-56051418
Fax : 86-0792-56051418
Email : NIUJINGYI@126.COM

Other malicious domains:

1
2
3

4-999.net
7-999.com
4-555.net

We have noticed around 150 spam emails of this type on 48 hours and most senders seem to be ADSL users… is possible the spam campaign was started by a botnet.

Posted by on Saturday, May 30th, 2009 at 11:21 pm and filed under Spam with tags , , . You can skip to the end and leave a response. Pinging is currently not allowed.

Random Posts

Previous Posts