たいていの場合、この汎用的なフィッシングメールでは、受信ユーザーのメールボックスが容量の上限を超えたとして、電子メールの消失を避けるために至急メールボックスを「再有効化」するよう指示します。先日シマンテックが特定した汎用的なフィッシングメールの Web サイトも、一見すると正規のサイトのようです。素人仕事のような外見（フィッシング詐欺師がデザインスキルに乏しく、プロの手によるサイトを真似られないことの証です）ではあるものの、ある意味では際立っています。背景が魚の絵のパターンになっているからです。
These generic phishing messages usually claim that the recipient’s mailbox size has been exceeded, and direct them to urgently “re-validate” their mailbox to prevent disruption to their email. Symantec recently identified a generic email phishing website which, at first glance, appeared normal. It looked fairly amateurish—demonstrating phishers’ poor design skills when they don’t have a professional site to rip off—but the site was strikingly unusual for one reason: it had a fish pattern background.
Figure. Generic phishing website with fish pattern background.
We are not sure exactly why phishers decided to use this particular background. Was it a random, unfortunate mistake? An inside joke among fellow phishers? Or perhaps a brazen but not-so-subtle hint to experienced users that it was actually a phishing site? Perhaps—since the site is partially in Italian—the phishers were unaware of the similarity between “phish” and “fish”?
To protect yourself from phishing scams, be wary of messages claiming that your account has been restricted or somehow needs to be updated. Keep your security software up to date. Symantec.cloud and Symantec Messaging Gateway customers are protected from these threats.
Contributor: Binny Kuriakose
Spammers continue to leverage the crisis in Syria for their personal gain. Besides taking advantage of a scam message that claimed to be from The Red Cross, spammers are now taking advantage of emails about the news in Syri…
The Ashes Test cricket series, one of most popular Test series in cricket, is played between England and Australia. It is played alternately in England and Australia and is the oldest test rivalry between these two sides. Cricket fans are glued to the TV and their online devices to watch this riveting series.
In the current Ashes series England is leading 3-0 and is on the cusp of creating history against Australia—if they beat them hands down in the last test match, which now is a real possibility. However, what is making the rounds is not Scholes, Carrick, or Robin Van Persie, but Captain Cook and his elite squad waiting to steamroll Australia.
This interesting scenario has got scammers smacking their lips. They have come up with a trick to lure you into sending them your personal information over email because your email address has won “242,500,000 USD in the 2013 ASHES SERIES”.
Here is the catch, you have one obligation to fulfill by replying back to the scammer with your “personal details”. Well, that would set the ball rolling for the scammer, wouldn’t it?
In a typical 419 spam, the scammer mentions in the email that you have won—an award of $50,000 USD for example—and asks you to reply back with your personal details, immediately to claim the money.
Symantec customers should take the following precautionary measures to stay safe:
Update operating system patches when prompted
Update the antivirus patches regularly
Do not open any unsolicited emails when you do not recognize the sender or the subject and avoid clicking on suspicious email attachments
When dealing with unsolicited mails avoid sending any personal details, especially to unknown persons
Enjoy the ongoing the Ashes Test cricket series without getting bowled over by any Spammer’s googly.
It may sound strange, but one surefire sign that the economy is on the mend is an increase in stock spam. Yes, stock spam is a bellwether signal of an economic revival and if you want proof, check your email. Scattered in your bulk folder, you may find a myriad of such spam promising you ‘an opportunity of a life time.’ Rearing its ugly head every time there is a hint of an economic recovery, stock spam never misses an opportunity to try and con victims out of their hard-earned cash.
Over the years, stock spam has evolved, honing its method of psychologically hustling a victim into buying a particular stock that will ‘imminently’ be pumped up by some sort of syndicate. Stock spam creates an unwarranted urgency and promises a pot of gold at the end of it all.
Stock spam relies on a strategy called ‘pump and dump,’ where spammers create pseudo hysteria, beckoning victims to invest in penny or sub-penny stocks that would give astronomical returns overnight. It takes full advantage of a widespread human trait, greed.
After millions of these spam emails are dispersed, the stock in focus suddenly increases in value and then falls drastically, leaving investors stranded. Stocks are then dumped after creating hysteria and subsequently bought back at a lower price, which means more profit for the manipulators rather than those invested who are trapped at higher levels.
From a spam perspective, the modus operandi has been constant – create hype, make a profit, then disappear into oblivion! This is done systematically, keeping the sociopolitical situation in mind.
The subject lines used are altered and recycled with a few cosmetic alterations in order to evade spam filters. The following are some sample subject lines used in stock spam:
I would love this stock to fill in gap…
A Sleeping Giant May Have Been Awoken!
IT MAKES A MOVE!
NEW Pick Out at Midnight!
This Stock is my new NASDAQ alert! This thing can fly!
Decoded: Don’t Risk Missing an Issue
We`re going to see some xtreme moves this week
A bottom buster rocket this morning
The Only Way To Make Reliable Monthly Income From The Stock Market!
This Company is our New “First-Class” Alert! Don`t Miss Out!
The email body contains some brief information on the targeted stock and its trading ticker ID (which is usually obfuscated).
Figure. Sample stock spam email
So, what’s the best practice here?
The next time you see unsolicited emails cluttering your mailboxes, make sure that you don’t fall for this type of scam. Remember, if something sounds too good to be true, it usually is!
Symantec advises users to update their antispam signatures regularly. We are closely monitoring these spam campaigns and will continue monitoring this trend to keep our readers updated.