And the winner is…

15 May 2009

minute read

Authors

Maria Namestnikova

It’s been a busy time in our spam lab. Sure, spam never goes away, but in May alone we’ve had spam linked to Mother’s Day

and spam linked to Victory Day, a major public holiday in Russia celebrating the end of World War II on 9th May. The message below is themed to fit the patriotic sentiments of the holiday, but the text at the bottom advertises printing services.

And now we’ve got a lot of Eurovision spam. Not surprising with the final looming. Tickets have been on sale on the Russian Internet since the middle of February, but this hasn’t stopped the spammers offering tickets which are one and a half, or sometimes twice, as expensive as tickets offered through official channels.

Of course, if you’re the one selling on a ticket, you’d be happy to get two or three times the face value. The problem is if you’re the buyer, and you pay over the odds for something that turns out to be a forgery.

There are lots of security features designed to distinguish genuine tickets from fakes, and funnily, some spammers are stressing this: the spam below (where the logo contains “noise” added by the spammers) ends the message by exhorting recipients to “Beware of fakes!”.

This is one of those rare cases when I, as a spam analyst, find myself agreeing with the spammers!

Authors

Maria Namestnikova

And the winner is…

Latest Posts

Latest Webinars

Reports

An unknown actor targeted an electric utility in southern Africa with Cobalt Strike beacons and DroxiDat, a new variant of the SystemBC payload. We speculate that this incident was in the initial stages of a ransomware attack.

This is our latest summary of the significant events and findings, focusing on activities that we observed during Q2 2023.

While monitoring the traffic of our own corporate Wi-Fi network, we noticed suspicious activity that originated from several iOS-based phones. We created offline backups of the devices, inspected them and discovered traces of compromise.

GoldenJackal is an APT group, active since 2019, that usually targets government and diplomatic entities in the Middle East and South Asia. The main feature of this group is a specific toolset of .NET malware, JackalControl, JackalWorm, JackalSteal, JackalPerInfo and JackalScreenWatcher.

And the winner is…

GReAT Ideas. Balalaika Edition

GReAT Ideas. Green Tea Edition

GReAT Ideas. Powered by SAS: malware attribution and next-gen IoT honeypots

GReAT Ideas. Powered by SAS: threat actors advance on new fronts

GReAT Ideas. Powered by SAS: threat hunting and new techniques

Router security in 2021

Telehealth: a new frontier in medicine—and security

The dangers of “connected” healthcare: predictions for 2022

Do cybercriminals play cyber games in quarantine? A look one year later

Healthcare security in 2021

Phishing with hacked sites

Email crypto phishing scams: stealing from hot and cold crypto wallets

How scammers employ IPFS for email phishing

Mass email campaign with a pinch of targeted spam

Text-based fraud: from 419 scams to vishing

Latest Posts

From Caribbean shores to your devices: analyzing Cuba ransomware

Evil Telegram doppelganger attacks Chinese users

IT threat evolution in Q2 2023. Non-mobile statistics

IT threat evolution in Q2 2023. Mobile statistics

Latest Webinars

2023 APT Landscape Unveiled: Trends, Challenges, Solutions

Cybersecurity risks in alternative energy sources

Securing ICS Workstations: Vulnerability Identification with OVAL

Unveiling the Darknet’s Malware-as-a-Service model

Reports

Focus on DroxiDat/SystemBC

APT trends report Q2 2023

Operation Triangulation: iOS devices targeted with previously unknown malware

Meet the GoldenJackal APT group. Don’t expect any howls

Subscribe to our weekly e-mails