12/18/2013
04:23 PM
Dark Reading
Products and Releases

90-Day Spam Campaign Turns To Santa In December

Holidays are often used by cybercriminals to rejuvenate and lengthen otherwise ordinary spam campaigns, says Commtouch

MCLEAN, Va., Dec. 18, 2013 /PRNewswire/ -- Today the Commtouch Security Lab (CSL) published its Security Number of the Month for December: Ninety days ago a substantial spam campaign focusing on dubious offers and fake prizes began.

However, since December 10, the campaign has been thematically recycled and sent as a Christmas-themed email, featuring subjects such as "Letter from Santa For Your Child."

The Christmas-related modification to the large-scale spam campaign illustrates that holidays are often intentionally used by cybercriminals to rejuvenate and lengthen their otherwise ordinary spam campaigns.

This spam campaign previously centered around dubious offers providing unbelievable deals on numerous products. It also notified recipients that they had allegedly won a prize and asked them to answer a few questions and provide a physical address. Those who responded unknowingly signed up for costly newsletters or services.

After 90 days, the cyber crooks simply altered their social engineering to focus on Christmas by soliciting orders for "the perfect gift for any child" - a letter from Santa postmarked from the North Pole. The revised approach is a clear example of how these criminals repurpose an existing spam campaign by maximizing the power of time-sensitive social engineering - sadly, an incredibly efficient tactic.

A sample of the thematically "recycled" spam can be found on the Commtouch blog:

http://blog.commtouch.com/cafe/commtouch-security-number-of-the-month/90-day-spam-campaign-turns-to-santa-in-december

Each month, the research team at Commtouch® (NASDAQ: CTCH), a leading provider of Internet security technology and cloud-based services, presents the "Commtouch Security Number of the Month" - a number representing and illustrating a current issue or trend in Internet security.

See the related Commtouch illustration.

About Commtouch

Commtouch® (NASDAQ: CTCH) is a leading provider of Internet security technology and cloud-based services for vendors and service providers, increasing the value and profitability of our customers' solutions by protecting billions of Internet transactions on a daily basis. With 12 global data centers and award-winning, patented technology, Commtouch's email, Web, and antivirus capabilities easily integrate into our customers' products and solutions, keeping safe more than 550 million end users. To learn more, visit www.commtouch.com.

-- Blog: http://blog.commtouch.com/cafe

-- Facebook: www.facebook.com/commtouch

-- LinkedIn: www.linkedin.com/company/commtouch

-- Twitter: @Commtouch
