Christmas Season Comes with Spam
December 30, 2009
Symantec Inc.'s Security Response Team states that with Christmas approaching in about a few days time, spam mailers are busy devising Christmas-related messages.
Spammers are busy to the same extent as the remaining people this vacation time.
Notably, these spam campaigns include greeting cards, offers for gift shopping and courier facilities as baits to get PC operators open malicious e-mails. The e-mails largely contain keywords related to Christmas themes in their subject lines for enticing end-users to view them.
Some examples of the festive-themed subject lines are - Xmass loan offer!!, Christmas shopping made easy, Merry Christmas, Delight a child with a personalized letter from Santa, Letters from Santa Claus to your child, and many more.
Another interesting fact the Team has observed this season is that in contrast to holiday spam in English-speaking countries, Chinese spammers appear to be engaging in much less Christmas-related activities possibly because the Chinese calendar doesn't mark Christmas as an important holiday. However, the younger generations in China enjoy Christmas a lot therefore gift shopping is expected there.
Consequently, the Team has observed a few striking Chinese examples of Christmas shopping-related spam. According to one example, the spammer has randomly sent an ad for Christmas sales. In this, the miscreant has made a few alterations such as making the background color of the advertising content grey or condensing the URL service within the body content that eventually takes the user onto a real business website.
To remain safe from spammers, Symantec has recommended that people should adopt best practices. These are avoid clicking on suspicious web-links placed on e-mails, and check the website address and ensure that it is indeed of the brand. It is good to manually key-in the brand's domain name directly into the Web-browser instead of hitting the link.
Moreover, a good e-mail and Web security solutions should help to recognize malicious web-links within an e-mail while tracing their origin. And if the tracing of the malicious content or websites that produce the links is accurate, then the solutions should help in stopping the e-mails as well as other nefarious attacks.