Spammers hijacking legit newsletters

Newsletter creators aren't the only ones hoping their products don't get caught in spam filters now that hackers have begun using newsletters to launch spam.

Researchers at Symantec say they've uncovered email messages that appear to be genuine newsletters — only to find the emails have been hijacked by spammers.

Spammers embed their messages within a single file, according to the Cupertino, Calif.-based anti-virus firm. The message pops up after an affected user reads what they think is a normal newsletter message.

Doug Bowers, senior director of anti-abuse engineering for Symantec, told SCMagazine.com today that the new spammer strategy is ironic, considering the problems legit newsletters once had avoiding spam filters.

"For us, [what stands out] is the irony that just a few years ago a lot of legitimate newsletters were being classified as spam, and now it's being flipped the other way," he said.

An affected user will rarely see more than one "newsletter spam" message per day, meaning there is an obvious measure of control to the attacks, according to Symantec.

Bowers also said that the emails have so far only been seen within newsletters in HTML format. Symantec has captured spam pretenting to be newsletters from a fantasy football league, U.S. Airways, Kohl's and 1-800-flowers.com.

"What we're seeing right now is that spammers are leveraging the format of that newsletter and inserting small modifications. It might look like that [legitimate] newsletter would appear, and then a message or some additional text would pop up," said Bowers. "It potentially leads to confusion on the user's part because they're assuming a certain level of trust, and it's also a way to confuse filters. As far as whether or not it can be used to deliver trojans or other security risks, that remains to be seen."

Click here to email Online Editor Frank Washkuch Jr.

close

Next Article in News

Sign up to our newsletters