Earlier this week we described a huge malware outbreak with increases of over 500%. The graph we presented showed a tapering off after the peak of the attack. The similar attacks in March and April also showed this trend – with a large initial outbreak followed by gradually decreasing spikes

RIGHT TO LEFT OVERRIDE (RLO) is a unicode control character (U+202E) that reverses the character reading order from the traditional left-to-right, to right-to-left. This is mainly used for right-to-left languages (such as Arabic or Hebrew). We reported this trick last year but it has resurfaced extensively in the past week

The UPS name is once again being used to spread vast amounts of email-attached malware. The last week has seen an extraordinary increase – over 5.5 times the average level before the outbreak. The attack closely resembles the large outbreak reported on at the end of March. There are numerous

“Dating spam” – that’s what we call it. I mean, on the surface that’s what these emails seem to be offering. Last year we described the return to ASCII-art spam that promoted dating sites.  Of course spammers and the products that they promote must move with the times. So, as

What do the following websites have in common?  www.alwaysnewyou.com – a health and beauty advice site levelvet.com – a Russian shopping site www.villahadir.lu – a site describing a restaurant in Luxembourg These sites and thousands more use a script called “PHPThumb” to manage the images on their webpages. The script

Russian brides can no longer sit complacently and wait for potential husbands. There is now competition on the (Western) horizon. Baltic brides are waiting and there are several important advantages as pointed out in the spam email below:  EUROPEAN PASSPORTs – All our Baltic Brides have European Union residence. No

Spam and malware distribution is a business. So if something works then don’t change it. We speculate that these attacks work since our labs have seen them repeated almost unchanged for months now. (See this post about Twitter spam and this post about twitter spam). The recipe for success when

As a feminist who sees an above-average amount of spam (due to many years in the Internet security space), the spam sample below caught my eye and elicited a chuckle.  It’s dating spam with sense of humor: the spammer sent a “looking for sex on the side” spam message with

Malware distributors are abusing the names of well known security suites to trick users into downloading malicious files. The email message informs recipients that they may have been infected with a worm requiring them to download and run a scanning tool.  Google translation: Your e-mailcan be blocked byinappropriate use.Attention: We

Lesson one: The IRS is a confirmed favorite of spammers, phishers and malware distributors. As an example consider the attacks from the last few weeks that have targeted users of the IRS’s electronic payment portal. This time the attack starts with an email about tax forums to train and serve