Spammers are gearing up for Valentine's Day with an influx of unsolicited advertising promoting gifts and sexual remedies, but are also getting in early with a wave of sinister e-mail messages designed to infect hopeful Valentine's recipients with malware instead of warm feelings say experts from the Marshal8e6 TRACE Labs.
The exploitation of Valentine's Day by spammers has become an annual event as advertisers attempt to pawn everything from watches and jewelry to "the gift she really wants" in the form of sexual pills and male enlargement remedies. However, Valentine's Day also gives spammers the perfect opportunity to spread malware and grow their botnets as optimistic Valentine recipients actually look forward to opening messages from perfect strangers.
The Waledec spammers declared their intentions early with a surge of love-themed malicious spam messages circulated in January. Now Waledec is distributing Valentine's specific spam with subject lines such as "a Valentine card from a friend" and "you have received a Valentine E-card". The messages, a classic blended threat e-mail attack, suggest that you have been sent a special Valentine's Day message from a secret admirer and require you to click on a URL link to retrieve your message. Clicking on the link downloads malware instead.
Two other rival spam botnets have also adopted similar tactics with the Donbot botnet suggesting "someone thinks you are very special and has sent you a kiss". The Pushdo spammers have an even simpler message, asking you to "prepare for Valentine's Day" and "be ready".
"Don't be fooled this Valentine's Day. Avoid clicking on Valentine's e-cards or other unsolicited messages, especially prior to February 14, and from senders you cannot identify or trust. The spammers are trying to squeeze the most out of this opportunity. Genuine Valentine's messages are unlikely to be sent ahead of the actual day," said Bradley Anstis, Marshal8e6 director of technology strategy.
The Waledec botnet is widely considered by security researchers to be the latest incarnation from the same spam gang that brought us the notorious Storm botnet. So far, Waledec has failed to reach the same level of size and infection that Storm achieved, but this latest Valentine's Day malicious spam is specifically designed to grow the botnet and increase the spammer's capability to send even more spam.
"We have observed spikes in Valentine's Day-related spam in past years, but levels this year seem to be even higher than average. So far Valentine's spam accounts for 2.0% of the total spam we are seeing and it is likely to grow. That is equivalent to the typical volumes of explicit adult spam we catch. Everyone seems to be trying to get in on the act this year," commented Anstis.
More information on Valentine's Day spam and examples of current malicious campaigns can be found on the Marshal8e6 TRACE Labs website: http://marshal.com/trace/traceitem.asp?article=870
Share