Most people are eagerly waiting for Valentine’s Day. The day is an opportunity to spread affection and excitement amongst loved ones by exchanging gifts. Last year we observed prominent spam attacks using Valentine’s Day as bait. Messages promoted unbelievably discounted jewelry, dinning opportunities, and expensive gifts.
This year, various Valentine’s Day spam messages have started flowing through Symantec’s Probe Network. The top word combinations used in spam messages include the following:
The e-card spam message, shown in Figure 1, arrives with a malicious attachment called ValentineCard4you.zip. After opening the attachment, malware is downloaded on to the user’s computer. Symantec detects the attachment as Backdoor.Trojan.
Figure 1. E-card spam with malicious attachment
Figure 2. E-card spam
Interestingly, in one spam sample spammers invite users to purchase the advertised product with a fake discount code. Along with other bogus promises, the message promotes a pre-Valentine’s Day sale and fake watch brands that are no different from the original in terms of:
The discount codes used in the spam attacks, such as vday[RANDOM NUMBERS], are aimed at luring users into clicking a URL link in order to take advantage of the Valentine’s Day offer.
Figure 3. Fake product discount spam
By clicking on the link, the user is redirected to a Web page that asks for personal information. The main motive of these fake promotions is to acquire user’s personal and financial information.
Symantec is observing an increase in spam volume related to Valentine’s Day, which can be seen in the following graph.
Figure 4: Volume trend of Valentine’s Day Spam
Valentine’s Day-related spam may include the following subject lines:
- Subject: Pre Valentine Discount Code
- Subject: Pre Valentine Day discounts
- Subject: Valentines Day is Getting Closer! Order Flowers for Her Right Now!
- Subject: [REMOVED]@[REMOVED].com :Someone sent you a Valentine Message
- Subject: Best Valentine’s Day Bouquets on Sale!
- Subject: Don’t go Broke over Valentines Day, Quick and Easy Loans Here
- Subject: You Will Lose 28 Lbs Of Fat By Valentines Day
- Subject: Send FREE eCards this VALENTINES DAY
Shopping online is generally safe as long as you stay on trusted and secure sites. Symantec advises users to be cautious when handling unsolicited or unexpected emails and to update antispam signatures regularly. Symantec is closely monitoring the Valentine’s Day spam attacks and will keep users updated.
Leave a reply