There’s been some talk about the latest incarnation of spam that perverts legitimate sites for the purpose of commercial spam, a subject we have been discussing for a while on this blog, starting back in January. A few interesting articles on Google Docs spam came out this week based on some outreach by MessageLabs. (InternetNews, [...]
The original image-based spam embedded images in email messages, however it’s even simpler, and easier to fool anti-spam engines, to embed references to images in the HTML code of a message. What this means is that the source code of the message will pull an image from a remote server, assuming the reader is connected [...]
When an email from one our employees to his loan officer asking about re-financing his mortgage got blocked by his bank’s spam filter, we decided to look into the phenomenon a little more closely. Turns out that spammers are leveraging the refinancing fervor that was sparked by the Fed’s rate cut last week, causing a [...]
Spammers have once again sunk their fangs into Halloween and flooded email with holiday themed threats. When I was a kid parents feared tainted trick-or-treat candy. Now they can add spyware and computer viruses to their list of worries.
Keep your eyes out for a “dancing skeleton” spam attack which contains links to malicious web sites. [...]
When SpaMP3 hit the airwaves, some experts recommended blocking MP3 attachments, for example Sophos, and even SC Magazine. A spokesperson for GFI was quoted as saying “How many companies do you know that use MP3 files for business use?”
I agree, MP3 isn’t the most broadly used file-type in most businesses, however there are some businesses [...]
Image spam on the whole is on the decline, and stock pump-and-dump has all but disappeared. But image spam hasn’t been eliminated altogether. Lately our spam detection center has seen a significant increase in pornographic image spam (the URLs are part of the picture), as well as “cut” image spam. The cut images appear to [...]
In case you don’t understand the cryptic headline, I’ll explain: part of our work in detecting and blocking spam is collecting information about spam sites that spammers try to drive users to visit. This web-related data that we gather from analyzing billions of messages each day will actually form a big piece of Commtouch’s next [...]
Commtouch just identified a new spam technique that spammers have been experimenting with massively over the past 24 hours: spam with a zipped attachment, sometimes password-protected, and the zip contains a text file with a stock promotion. Some facts:
1) Commtouch identified this new type of “Zip spam” yesterday (July 30) at 10 pm GMT, and [...]
McAfee security researcher Nick Kelly raised a concern on his blog that the recent rash of Excel spam could develop to include macro exploits. We did see a mini-macro comeback last year, so this is certainly a possibility, though I haven’t seen any samples yet.
PDF spam could also carry a potential malware threat as that [...]
Well it’s about time someone decided to distribute a stock pump&dump message inside an excel file.
Commtouch first identified and blocked this new type of spam on Saturday, July 21, at 1:20 pm GMT. The Excel spam promotes stocks in file attachments with names like “invoice20202.xls,” “stock information-3572.xls,” and “requested report.xls.”
Of course this seems like a [...]
