Posted by
admin on Saturday, July 11th, 2009 |
6,544 views
Recently we posted an article where we talked about how spam campaigns using the character of the space to mask the malicious links, it’s now the turn of the underscore character. In recent days we have registered more than 800 spam messages that mask the links with the underscore character to bypass some antispam filters....
Continue reading...
Posted by
admin on Thursday, July 9th, 2009 |
3,172 views
A new wave of spam relating to the promotion of pharmaceutical products has flooded our emails. The new technique used by spammers to bypass antispam filters is to insert spaces in the string of the link that is spammed, which is in such a way that is not recognized as a url and it is […]
Continue reading...
Posted by
admin on Saturday, May 30th, 2009 |
2,976 views
A new spam strategy is in the wild. We spoke on a recent article that spammers were using a new trick to bypass anti-spam filters by adding the text on an image and send the image attached as file. Now it seems they changed from image to RTF document: The attached file contains a redirect […]
Continue reading...
Posted by
admin on Wednesday, April 29th, 2009 |
3,068 views
Recently we noticed a big archive of spam messages related to selling various pharmacy products. But something was different from the old spam messages… no http links were present in the message. The surprise was attached in .gif or .jpg or .png format:
Continue reading...
Posted by
admin on Saturday, April 25th, 2009 |
3,644 views
We have received a new spam email with the subject named problems from an unknown sender. In the email there was a file attached named winmail.dat Below there is the message of the email: When I had opened your last email I received some errors have been saved in the attached file. Please inform me […]
Continue reading...
Posted by
admin on Friday, February 27th, 2009 |
4,712 views
These days seem to be very havy the email-spreading of email worms (possible Storm_Bot), in 2 days we received about 20 emails and were all related to postcards and e-cards with attached a ZIP file with name as postcard.zip or e-card.zip. Today we received more than 10 spam emails with attached a ZIP file in […]
Continue reading...
Posted by
admin on Wednesday, February 18th, 2009 |
3,974 views
We received a new email that contains a suspicious ZIP file named copy of your application.zip. The email looks like the same family of the previous Hallmark and fake Job CocaCola emails. The extracted file use the same trick as all the other spam emails, it add 8+ characters of space after the first extension […]
Continue reading...
Posted by
admin on Sunday, February 8th, 2009 |
7,040 views
We have recently received an email that contains a ZIP archive named: PROHIBITED_MATRIMONY.rar The subject of the email is: ABOUT PEOPLE WITH WHOM MATRIMONY IS PROHIBITED The file extracted from PROHIBITED_MATRIMONY.rar is named Readme.doc.exe and note that it has the double extension to trick the user to think that it is a norm...
Continue reading...
Posted by
admin on Friday, January 16th, 2009 |
15,501 views
Today I received again an email from Hallmark E-Card with a suspicious ZIP file attached and with the following message: A file named, as always, postcard.zip and of less than 200 KB. If we extract the ZIP file, we see a new file with an extension as .SCR and with a filename length of more […]
Continue reading...
Posted by
admin on Thursday, January 1st, 2009 |
6,324 views
Steve sent me a sample of malware classified as Trojan.Win32.Waledac that he has received in some Christmas Postcard Spam emails with following subjects: Merry Christmas and best wishes just for you Merry Christmas 2009! A super Xmas card for you Merry XXXmas! You’ve got a Merry Christmas greeting e-card I made this e-card...
Continue reading...