Spam News, Articles and Updates

RAT campaign targets Koreans with phishing lures ft US-North Korea summit

A remote access trojan that apparently went undiscovered for at least two years was found targeting Koreans in a spam campaign using the possible upcoming US-North Korea nukes summit as a phishing lure.

Hackers hijack SpamCannibal, spam users with false notifications

Last week hackers hijacked SpamCannibal, which sends blacklists of spam servers, and spammed users with phony blacklist reports.

That smarts! 'Brain Food' spam botnet malware found on thousands of sites

A spam campaign called Brain Food has been feeding email recipients a steady diet of junk messages containing links to pages promoting bogus intelligence-boosting supplements and diet pills.

Legacy (e)mail systems failing to provide sufficient protection

Mimecast's latest ESRA report found more than 14,277,163 pieces of spam, 9,992 emails containing dangerous file types, and 849 unknown emails with malware attachments -- all missed by the incumbent providers.

Recently patched Flash vulnerability spotted in massive malspam campaign

A recently patched Flash Player flaw was exploited in a widespread attack spam campaign primarily targeting South Koreans.

Kaspersky Lab anti-phishing system attacks jumped 59 percent in 2017

Fraud-minded spammers continue to globally exploit the zeitgeist of current events that make opening unsolicited email irresistible, accounting for the 59 percent increase in phishing attacks last year.

SWIFT Grift: Fake financial messaging service emails deliver Adwind RAT

An email phishing campaign launched this month attempted to infect spam recipients with the Adwind cross-platform RAT by fooling them into thinking they received an important financial document from SWIFT financial messaging.

New Word malware attacks infect systems without using macros

Security researchers have discovered a new email spam campaign that tries to get users to open up Word document attachments that downloads a password stealer as its final payload.

Edward Snowden returns to US! Oops, nope, it's a phishing scam

A strange spam campaign that targets Apple customers has been found distributing phishing emails containing an Apple receipt that bills US$ 9.99 (£7) to an Edward Snowden residing at a US address.

Windows Installer service hacked to infect victims' systems with malware

Cyber-criminals are using a malware spam campaign to exploit a remote code execution vulnerability in Microsoft Office to download and execute malicious scripts on victims' systems.

Twitter spam app plaguing accounts

Cyber-criminals attempting to take advantage of Twitter users' curiosity over who visits their page are using a new form of bait that advertises the ability to track such visits.

Dridex campaign carries scent of Necurs with a hint of FTP

Forcepoint researchers spotted a malware laden spam campaign, similar to Necurs, using compromised FTP sites instead of the usual HTTP link as download locations for malicious documents.

MailSploit bugs let spoofed emails bypass DMARC, spam detectors

A collection of vulnerabilities dubbed Mailsploit, found by German security researcher Sabri Haddouche in 30 types of email client applications - from Apple Mail to Mozilla Thunderbird - lets hackers bypass anti-spoofing mechanisms.

Cobalt malware leverages recently patched 17-year-old Microsoft flaw

Cobalt malware was documented exploiting the 17-year-old CVE-2017-11882 vulnerability via spam just a few days after researchers noted a similar spam campaign exploiting an RTF documents.

Linux IoT botnet retooled to send spam email

An IoT botnet has set its hooks in about 4,500 - 5,000 proxy devices to send spam emails which each device capable of sending 400 messages or a total of 1.8 million messages per day.

Doubling Down: Locky & FakeGlobe ransomware pushed in dual spam campaigns

Cyber-criminals kicked off a spam campaign earlier this month capable of delivering either Locky or FakeGlobe ransomware creating a situation where a single person could be victimised twice in the same attack.

Imperva Incapsula uncovers elaborate 80,000-strong spam botnet

Researchers at the security company find that making money online from fake Viagra not so hard.

ICYMI: Spam leak; password loss; Privacy Shield; hospital hit; app in iframe

In Case You Missed It: Spammer breached; Yahoo/gmail passwords; Privacy Shield concern; malware shuts hospital; 132 apps in iframe malware.

Major spam operation suffers data leak containing 1.4 billion records

A spamming group called River City Media, led by well-known spammers Alvin Slocombe and Matt Ferris, has had its database of 1.4 billion records leaked.

ICO deals finance firm fine, as ICO fine total mounts up

A finance firm based in London has been fined £70,000 by the Information Commissioner's Office, in retaliation for its contracted marketing firm sending out some 2.2 million unsolicited SMS messages. The fine comes as the ICO's total bill of outstanding fines mounts up, due to companies going into liquidation rather than paying them.

Localised "designer" malware campaigns all the rage, says Sophos

Criminal outfits are increasingly distributing "designer" spam and malware, customised to optimally target victims in specific geographic regions, according to new research from Sophos' research division, SophosLabs.

Facebook scam promises friend's video, delivers malware instead

A new spam campaign tries to fool Facebook users into downloading malware by luring them to a fake YouTube page supposedly featuring a friend's video.

Nigerian man sentenced to 12 years for operating spam scheme

A Nigerian man was sentenced to more than 12 years in a prison and ordered to pay US $13 million in restitution for his role in an internet fraud scheme

Shade among top three encryptors in Russia; delivered via spam, exploit kits

Researchers at Kaspersky Lab said Shade encryptor has gained a top three encryptor berth in Russia in less than a year.

Decoding the DNS: A new arena in cyber defence

Cyber defence tactics are constantly evolving to meet new threats - but one area that has been undervalued up until now is the Domain Name System (DNS), says Simon McCalla.

Kaspersky Lab—spam and phishing in Q2

Kaspersky's latest report shows that in the second quarter of 2015 spam was controlled by emails based on real events.

Cloudmark identifies iomart worst for spamming in UK

Scotland-based iomart has been identified as the leading UK source of spam last month by email security firm Cloudmark.