Marshal Warns of New Spam Tactics - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Government // Cybersecurity

Marshal Warns of New Spam Tactics

Email and Internet content security provider, Marshal, warned of the emergence of three new forms of spam

ATLANTA -- Email and Internet content security provider, Marshal, today warned of the emergence of three new forms of spam. The first is a new run of greeting card spam targeting major holidays; the second is disguised as an Adobe Picture Document Format (PDF) attachment; and lastly, is a new form of spam labelled as Piggyback Spam.

E-Greeting Cards

The Marshal TRACE (Threat Research and Content Engineering) team has identified a new run of Greeting Card spam that invites recipients to retrieve a greeting card. The recipient is asked to click on a web link in the message to access their greeting card. By doing so, they expose themselves to vulnerability exploits and an executable file named “ecard.exe.” This is in reality a copy of the Storm Trojan which compromises the user’s PC and merges it into a botnet – a network of computers that can be commandeered remotely by a controlling server.

“We all enjoy receiving messages on special days like Valentine’s Day and Christmas. On these days our guard comes down and we sometimes open messages that we would otherwise treat with caution on any other day. The spammers and virus writers know this so they use events and holidays like the recent Fourth of July holiday to try and catch people off guard,” said Bradley Anstis, Director of Product Management for Marshal.

PDF Spam

The PDF spam takes on the appearance of a legitimate business email containing an attached PDF file. The PDF features the file name ‘username_report.pdf’ – the username in the file name is the same as the email recipient’s name (taken from the recipient’s email address). The personalization of the attachment file name makes it appear more legitimate.

“Spammers are struggling to find ways to fool spam filters and get their messages into people’s inboxes,” said Anstis. “Using a PDF file as the vehicle for the spam message is an attempt to do just that, as spammers believe that many anti-spam solutions largely ignore PDF files.”

According to Anstis, spammers avoided this kind of spamming method in the past because attaching large file types like PDFs greatly increased the size of the message. Now with the widespread use of zombie networks and spambots, the spammers are less concerned with the size of the message. The spammers have tens of thousands of infected computers at their command and are able to move large volumes of this spam type.

Piggyback Spam

This new spam contains typical product advertising messages. However, what is unusual is that a URL link also appears within the message which links to a malicious executable file. If users click the link they are prompted to download a file, which, if executed, will lead to further installation of malware such as key logging programs or spambot software onto their computers.

“In the past, we have seen spam containing embedded links which pull down malicious files,” said Anstis. “These messages are specifically designed to trick end users into downloading and installing a file. What is unusual with Piggyback Spam is the link to the malicious file is unrelated to the spam content – it is not integral to the main message. Rather, the links are inserted in odd places and essentially hitch a ride or 'piggyback’ on otherwise normal spam messages.”

Marshal Inc.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
News
Top 10 Data and Analytics Trends for 2021
Jessica Davis, Senior Editor, Enterprise Apps,  11/13/2020
Commentary
Where Cloud Spending Might Grow in 2021 and Post-Pandemic
Joao-Pierre S. Ruth, Senior Writer,  11/19/2020
Slideshows
The Ever-Expanding List of C-Level Technology Positions
Cynthia Harvey, Freelance Journalist, InformationWeek,  11/10/2020
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Why Chatbots Are So Popular Right Now
In this IT Trend Report, you will learn more about why chatbots are gaining traction within businesses, particularly while a pandemic is impacting the world.
Slideshows
Flash Poll