Spam & Phishing

No Picture

Targeted spam: Cotap is a secure texting app for teams.

You thought that there are only Advanced Persistent Threats and Spear Phishing? Here is a new one : Targeted Ads. This time it might not be so dramatic, but imagine that you sent this to a lot of people. How many do you think that will register?   So, what’s the catch? If there are many people in a company that use the service, the company might decide at some point to pay for an enterprise feature. And, for this segment, the competition is big: Whatsapp is definitel rulling by far. I can’t say since I don’t have a Whatsapp…

No Picture

“Ze Foreign Accent” spam is back

Twelve years ago the IT security world was fighting against an unprecedented amount of spam emails. Spam is not and never was just a nuisance; it is a big problem because it slows down the good emails and takes up resources. Together with Virus Bulletin and some antispam researchers from various companies, a list called “The Spammer Compendium” was created.  This list contains methods used by spammers to trick spam filters and to have their emails delivered to the end users. One of the methods listed there is called “Ze Foreign Accent” spam or(BWO!Accent!Plain). The main characteristic of this method is…

Spam with a malicious taste (update)

This post appeared originally in: IT Security blog:   I haven’t seen in a while a well done complex spam with malicious payload. This one appears to be addressed to first name of the email recipient. As you can see in the subject, it is addressed to “SORIN” since my email address is sorin.mustaca@… The spam contains a nice piece of social engineering which creates enough curiosity to the reader to open the attached archive.   The archive is called “Notice_to_appear_in_court_<random number>.zip. The only file in the archive is a JavaScript file extremely obfuscated : Notice_to_Appear_000483082.doc.js. First of all, I asked…

No Picture

Spam impersonating PayPal using attached form

A classical phishing email… Nothing special (same bad English, as always). Dear Valued Customer, Unauthorized access has been detected in your account. Unfortunately, due to this event, our security system has limited the access to your account. Account Limitations prevent you from completing certain actions with your account, such as withdrawing, sending, or receiving money. These limitations are implemented when we see unusual or suspicious activity to help protect both PayPal buyers and sellers. Please verify your account by completing the form which is attached in this email. By doing this, restrictions in your account will be lifted. We apologize…

No Picture

“There’s a new personal notification message special for ” – a scam for “Linked In”

“There’s a new personal notification message special for Sorin Mustaca” is the subject of the email pretending to come from “Automation LinkedInNotifier”. But then, why is it coming from “” ? Come on spammers, you disappoint me 🙂 Anybody can see it is a fake… And “Linked In” ? Not even this is right…   It is just an online pharmacy … from Russia “with a lot of Love”:

No Picture

8. You unsubscribe from spams: 10 signs you should invest in your personal cybersecurity

You unsubscribe from commercial emails that you never requested Remember that spam emails are made to look authentic. This means that they will almost always contain some links which allow you to unsubscribe. But, instead of that they just make you verify that your emailaddress is valid. Don’t unsubscribe! Just mark the email as spam and the email client will do the rest. If you know how to do that, report it to SpamCop or other organizations that deal with spam.  

No Picture

“Ze Foreign Accent” spam returns

Remember the Spammer’s Compendium (where I have a spam method named after me: (UH!Mustaca!HTML))? There is an entry from 2003 called “Ze Foreign Accent“. Back then it was rather primitive, but now it comes in a much improved (if we can say that) form:   The link on “Click here” goes to a Google Drive hosted site which was erased in the meanwhile. Fortunately, GMail detects it as spam as you can see in the picture.

No Picture

How do you react if you receive an email with subject “Your file has been uploaded”?

A spam campaign sending emails from an “Auto ImageService” with the subject “Your file has been uploaded” is making its round on the Internet. The content of the email (see below) is very simple and advertises a link to a photo taken with a digital camera (DCIM stands for Digital Camera IMages) which was allegedly uploaded to some online image service. And now to my question: How do you react if you see such an email in your Inbox ?     I guess, most people would think: “What file? Oh, a photo? Hmm…” And here it goes: – You know…

No Picture

“Your messages will be deleted soon” – Facebook spam

It seems that the most research on social engineering is done these days by spammers. Using the text “You haven’t been to Facebook for a few days, and a lot happened while you were away”, the spam message contains the trigger which will make many people click on the message: “Your messages will be deleted soon” Ohhhh, so, if you don’t click on “View messages” then the messages will be deleted?. This is a good one. To all those who really think that something like this is possible: Stay calm, nobody is ever going to delete your messages. And, Facebook…

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.