Tag Archives: Symantec Protection Suites (SPS)

Phishers use glamour model images as bait, steal Facebook user logins

New phishing campaigns mimic Facebook’s branding and display images of glamour models to lure victims.

Phishers serve up Paolo Bediones sex video, steal Facebook user logins

A fake Facebook website is behind the phishing campaign offering up the sex scandal video of Filipino TV host Paolo Bediones.
Read more…

Fake US Anti-Spam Law Used in Latest Phishing Campaign

Phishers posing as banks are redirecting victims to a fake website then requesting logon credentials in order to compromise bank accounts.
Read more…

Spammers Ready Their Arsenal for US Independence Day

Spam emails take advantage of July 4 with fake offers.
Read more…

.club gTLD Used in Hit-and-Run Spam Attacks

Spammers have been abusing generic top-level domains, released by the Internet Corporation for Assigned Names and Numbers earlier this year, in hit-and-run spam attacks.
Read more…

Spammers Quick to Take Advantage of Second Posthumous Michael Jackson Album

May 13, 2014 witnessed the release of another posthumous compilation album of Michael Jackson recordings, named Xscape. This reworked collection of Jackson tracks was highly anticipated by music lovers, ever since its announcement in March, 2014. News of the album release has once again made Michael Jackson a hot topic and, unsurprisingly, spammers have been quick to exploit this.

This spam campaign uses a very simple email which is crafted to appear like personal mail. It uses Michael Jackson’s name and some of his song titles to create intriguing subject lines. The body of the email contains a link along with a generic comment. A name is used to sign the email message, as seen in Figure 1, in an effort to give the impression that an acquaintance has sent you an email with a link to the new Jackson album. The URL in the body of the email redirects to a fake pharmacy domain which promises cheap medicines without prescription.

The following are subject lines seen in this spam campaign:

  • Subject: $ Planet Earth (Michael Jackson poem) $
  • Subject: * List of songs recorded by Michael Jackson *
  • Subject: * List of unreleased Michael Jackson songs *
  • Subject: [ Hold My Hand (Michael Jackson and Akon song) ]

 

SpamImage1.png

Figure 1. Example of Michael Jackson spam email

We expect more spam exploiting this news in the coming days and believe the possibility of such emails being phishing attempts or containing malware to be very strong.

Users are advised to adhere to the following best practices:

  • Do not open emails from unknown senders
  • Do not click on links in suspicious emails
  • Never enter personal information on suspicious websites, as they may have been created for phishing purposes
  • Keep your security software up-to-date to stay protected from phishing attacks and malware