Government Shutdown? Obamacare? Here Come The Spammers

By Robert Westervelt
October 03, 2013 11:00 AM ET

The government shutdown and Obamacare have fueled an increase in spam messages leading to bogus websites that can host malware or phishing attacks.

Symantec said it has detected a barrage of spam messages flowing through its network of customers, including a campaign that attempts to get people to visit a site promising good deals on cars and trucks for each day of the government shutdown.

In a blog post about the spam campaigns, Symantec said fairly common techniques are being used to try to dupe antispam filters.

Security firm Trend Micro also warned this week that it detected Obamacare spam leading users to phony Web pages and survey scam sites. The attackers attempted to get a head start, sending spam messages beginning in early September, wrote Merianne Polintan, a Trend Micro antispam engineer.

"Some of these spam variants can be easily recognized," Polintan wrote. "However, others appear professional enough to fool some users into opening the email and clicking the links in these messages."

Spam campaigns use popular names and high-profile events to lure victims to sham websites, experts say. The majority of sites are survey scams, which trick users into giving up personal information with the hope that they can win a prize, Polintan said. "The bad guys can either sell these to other cybercriminals or be used in other, more menacing threats," she wrote.

Spammers have been trying to improve their methods, using Google to whitewash links in an attempt to evade detection over the past year, according to research in March by security appliance maker Barracuda Networks. Spammers also use poorly maintained URL shorteners in their messages and use multiple redirects to dupe antispam engines, the firm said.

Spam is a big business, earning cybercriminals millions and experts say that is why they work hard to keep spam campaigns active, constantly churning out billions of messages to users. The oldest, most notorious spam botnet, called Cutwail, got a refresh in recent months to spread malware and communicate more effectively with the fraudsters. It has been in existence since the early 2000s.

PUBLISHED OCT. 3, 2013

To continue reading this article, please download the free CRN Tech News app for your iPad or Windows 8 device.

Related: Videos | Slide Shows | Comments

SHARE THIS ARTICLE

More Security

Comments by Vanilla

Recent Articles

	McAfee Partner Summit: 10 Ways McAfee Executives Engaged Channel Partners Partners were given an overview of McAfee's product road map, a review of challenges and achievements over the last year, and the goals expected of partners over the next year, at the 2013 McAfee SecurityAlliance Partner Summit.
	Desk Stop: Top 5 Cloud Services Employees Can't Access Risky business? Maybe, maybe not. Here are the top five services that companies are preventing their employees from accessing, according to a Skyhigh Networks study.
	Top 5 Zero-Day Threats Of 2013 Attackers targeted previously unknown flaws in Internet Explorer, Adobe Flash and Reader, and Java, but security experts say businesses and solution providers should put zero-day threats into perspective.
	More Slide Shows