90-Day Spam Campaign Turns to Santa in December – Commtouch Security Number of the Month

by
filed under CYREN Security Number of the Month.

Today the Commtouch Security Lab (CSL) published its Security Number of the Month for December:  Ninety days ago a substantial spam campaign focusing on dubious offers and fake prizes began. However since December 10, the campaign has been thematically recycled and sent as a Christmas themed email, featuring subjects such as “Letter from Santa For Your Child.”

Number of the Month December 2013.

The Christmas-related modification to the large-scale spam campgain illustrates that holidays are often intentionally used by cybercriminals to rejuvenate and lengthen their otherwise ordinary spam campaigns.

This spam campaign previously centered around dubious offers providing unbelievable deals on numerous products. It also notified recipients that they had alledgedly won a prize and asked them to answer a few questions and provide a physical address. Those who responded  unknowlingly signed up for costly newsletters or services.

1312_Angebotskampagne

 

After 90 days, the cybercrooks simply altered their social engineering to focus on Christmas by soliciting orders for “the perfect gift for any child” – a letter from Santa postmarked from the North Pole. The revised approach is a clear example of how these crimials repurpose an existing spam campaign by maximizing the power of time-sensitive social engineering – sadly, an incredibly efficienct tactic.

 

1312_Letter From Santa

 

Each month, the research team at Commtouch presents the “Commtouch Security Number of the Month” – a number representing and illustrating a current issue or trend in Internet security.

 

Leave a Reply

(will not be published)