

01:15 AM

Cyberoam: Increased Valentine's Day Spam

Cyberoam warns emails with Valentine's Day-focused subject lines could be result of massive malware spam campaign

NEWBURYPORT, Mass. -- Cyberoam, a division of Elitecore Technologies and the leading innovator of Unified Threat Management Plus (UTM+) solutions, today advised that the Cyberoam Internet Threat Response Team is warning Internet users of increased spam attacks tied to Valentine’s Day, Thursday, February 14. Spammers are including attachments and links in emails with subject lines such as ‘I Love You Soo Much’, ‘Inside My Heart’, ‘You… In My Dreams’, ‘My Valentine Sunshine’ and ‘Be My Valentine’ to exploit unsuspecting targets. Once these attachments are opened or the links are clicked, malware is instantly downloaded.

According to Cyberoam partner Commtouch, the Valentine’s Day spam campaigns began mid-January in mid-level volumes and were generated from zombies. The messages are only around 2k, and many contain hyperlinks to an IP address, an indicator of a zombie attack.
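
The indicators named above (lure subject line, small message size, hyperlink to a bare IP address) can be combined into a simple mail triage check. The following is an added example, not code from Cyberoam or Commtouch; the function names, the 4096-byte ceiling and the two sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from ipaddress import ip_address
from urllib.parse import urlsplit

# Subject lines quoted in the advisory, lower-cased for matching.
LURE_SUBJECTS = ("i love you soo much", "inside my heart", "you… in my dreams",
                 "my valentine sunshine", "be my valentine")
SMALL_MESSAGE_BYTES = 4096  # assumption: ceiling for "around 2k" messages
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

def ip_literal_links(text):
    """Return URLs whose host is a raw IPv4/IPv6 address, not a domain name."""
    hits = []
    for url in URL_RE.findall(text):
        try:
            ip_address(urlsplit(url).hostname or "")
        except ValueError:  # host is a domain name, or the URL is malformed
            continue
        hits.append(url)
    return hits

def triage(raw):
    """Score one raw RFC 5322 message against the three indicators."""
    msg = message_from_string(raw, policy=policy.default)
    subject = str(msg["Subject"] or "").strip().lower()
    part = msg.get_body(preferencelist=("html", "plain"))
    links = ip_literal_links(part.get_content() if part else "")
    reasons = []
    if any(lure in subject for lure in LURE_SUBJECTS):
        reasons.append("lure-subject")
    if links:
        reasons.append("ip-literal-link")
    if len(raw.encode("utf-8")) <= SMALL_MESSAGE_BYTES:
        reasons.append("small-message")
    # An IP-literal link is the strongest signal; require it plus one other.
    return {"flagged": bool(links) and len(reasons) >= 2,
            "reasons": reasons, "ip_links": links}

# Constructed samples (192.0.2.0/24 is a documentation address range).
SPAM = ("From: a@example.net\nSubject: Be My Valentine\n\n"
        "Open your card: http://192.0.2.45/card\n")
LEGIT = ("From: shop@example.com\nSubject: Be My Valentine\n\n"
         "Order roses: https://shop.example.com/roses\n")

if __name__ == "__main__":
    for name, raw in (("SPAM", SPAM), ("LEGIT", LEGIT)):
        print(name, triage(raw))
```

A seasonal subject line alone does not flag a message here, since legitimate retailers use the same phrases; the IP-literal link is what separates the two samples.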

The success of these attacks depends on social engineering techniques that target a younger demographic, particularly students and teenagers who will use the Internet to buy discounted Valentine’s gifts and flowers and to send e-cards. In fact, every day in the U.S. there are at least 11 million teenagers between the ages of 13 and 23 on the Internet – making this demographic group a prime target for attack.

“Spammers are renowned for tying large-scale spam attacks to significant holidays and events, so it’s important for organizations to warn employees and students against opening emails from people you don’t know,” says Joshua Block, VP of North American Operations, Cyberoam. “As these attacks can happen at any time of the year, we strongly recommend that all organizations ensure their security solutions are up to date to recognize and block potentially harmful files. Organizations should also look to set user-based policies for Internet access to ensure that employees and students aren’t able to visit Web sites that could be potentially laden with malware.”

Elitecore Technologies Ltd.
