Blog

The spam sample below from Commtouch Labs shows an unfortunate lost opportunity for the spammer – a message that might have reached its recipient and enticed him/her to click on the enclosed link.  But the link leads to a parked domain, and based on its use of “Company ABC” and

I seem to be asking this question a lot. I have already written one article and one previous blog entry on this subject. It is an important question: Millions of people are using antivirus and probably every piece of data on this planet has been processed at least once through

Earlier this week we described a huge malware outbreak with increases of over 500%. The graph we presented showed a tapering off after the peak of the attack. The similar attacks in March and April also showed this trend – with a large initial outbreak followed by gradually decreasing spikes

RIGHT TO LEFT OVERRIDE (RLO) is a unicode control character (U+202E) that reverses the character reading order from the traditional left-to-right, to right-to-left. This is mainly used for right-to-left languages (such as Arabic or Hebrew). We reported this trick last year but it has resurfaced extensively in the past week

The UPS name is once again being used to spread vast amounts of email-attached malware. The last week has seen an extraordinary increase – over 5.5 times the average level before the outbreak. The attack closely resembles the large outbreak reported on at the end of March. There are numerous

“Dating spam” – that’s what we call it. I mean, on the surface that’s what these emails seem to be offering. Last year we described the return to ASCII-art spam that promoted dating sites.  Of course spammers and the products that they promote must move with the times. So, as

What do the following websites have in common?  www.alwaysnewyou.com – a health and beauty advice site levelvet.com – a Russian shopping site www.villahadir.lu – a site describing a restaurant in Luxembourg These sites and thousands more use a script called “PHPThumb” to manage the images on their webpages. The script

Russian brides can no longer sit complacently and wait for potential husbands. There is now competition on the (Western) horizon. Baltic brides are waiting and there are several important advantages as pointed out in the spam email below:  EUROPEAN PASSPORTs – All our Baltic Brides have European Union residence. No

Spam and malware distribution is a business. So if something works then don’t change it. We speculate that these attacks work since our labs have seen them repeated almost unchanged for months now. (See this post about Twitter spam and this post about twitter spam). The recipe for success when