I hope by now that you are aware that the Certificate Authority/Browser Forum has mandated that Certificate Authorities stop supporting 1024-bit key length RSA certificates for both SSL and code signing by the end of this year (2013). To learn more abo…
Part 1 – changes in the industry
The email and web security industry has seen many changes over the past years, especially in the cloud or SaaS market. Many vendors in this space started by offering email anti-malware and anti-spam services. They…
The 58th season of the UEFA Champions League is coming to an end with the final being played on May 25 at Wembley Stadium in London. Nowadays, cybercriminals are gaining a lot of interest in football, at least inasmuch as how to exploit interest in foo…
This year’s ISTR illustrates more clearly than ever before that the path of least secure resistance is going to be the path taken by hackers.
In years past, the profile of a hacker was an idle college kid or ‘script kiddie’, and accou…
Contributor: Binny Kuriakose
People dream big when buying expensive items like a car or a property. When those dreams are seen with very affordable price tags it certainly attracts everybody’s interest. There are lots of websites available …
This past April (4/19 to 4/21) I had the great pleasure and experience of joining the Red Team at 9th NCCDC competition. It was actually my 2nd year on the Red Team and 4th year to attend in total (I judged in 2010 and 2011). McAfee is actually a perpetual Read more…
Following on from recent concerted campaigns by Anonymous against Israel on April 7 and Facebook on April 5, the latest target for the online hacktivist collective is the USA and American online interests. Today, hackers and script kiddies of various a…
What is the Financial industry thinking about these days? Symantec sponsored a lunch at Net.Finance, where we invited attendees to have lunch and talk about how to increase traffic to and usage of eCommerce as a way of doing business and conducting tra…
Mother’s Day is celebrated in many countries on May 12 and it’s a day for children, regardless of age, to express their love to their mother by giving her a gift. Spam messages related to Mother’s Day have begun flowing into the Symantec Probe Network. Clicking the URL contained in the spam message automatically redirects the recipient to a website containing a bogus Mother’s Day offer upon completion of a fake survey.
Figure 1: Survey spam targeting Mother’s Day
Once the survey is completed, a page is then displayed asking the user to enter their personal information in order to receive the bogus offer.
Figure 2: Fake survey
Figure 3: Bogus Web page asking for personal information
We recently blogged about the persistence of spam with .pw URLs and not surprisingly a lot of the Mother’s Day spam messages contain .pw top-level domain (TLD) URLs. The following are some examples of the From header using .pw URLs that we have identified to date:
Figure 4: Another dodgy website related to Mother’s Day
Symantec is observing an increase in spam volume related to Mother’s Day, which can be seen in the following graph.
Figure 5: Volume of Mother’s Day spam
The following are some of the Subject lines observed for these spam attacks:
Symantec advises our readers to use caution when receiving unsolicited or unexpected emails. We are closely monitoring Mother’s Day spam attacks to ensure that readers are kept up to date with information on the latest threats.
Have a safe and happy Mother’s Day!
Microsoft has issued Security Advisory 2847140 in response to reports regarding public exploitation of a vulnerability affecting Internet Explorer 8. Other versions such as Internet Explorer 6, Internet Explorer 7, Internet Explorer 9, and Internet Exp…