|
Click the comments link on any story to see comments or add your own. Subscribe to this blog |
19 Apr 2011
This spam showed up in one of my user's mailboxes earlier today. It was sent from Cheetahmail, a large Email Service Provider, easily verified by checking the sending IP address It is not an ad for Adobe and the URL, which you should definitely not visit, is located in China, and shows a fake Adobe web page which invites you to download a fake Adobe Reader update which is in fact malware. The headers in the message suggest that someone used a Cheetamail client's credentials to log in and create and send this spam in large quantities. (My tiny network got four of them, three of them to spamtrap addresses.) Cheetahmail is not related to Epsilon, the ESP whose security failures have been in the news lately, but as this spam shows, their security is unfortunately no better. At this point, in view of the large number of ESPs that have fallen victim to what appears to be the same attack, the safest thing for people to do is to assume that all mail from commercial senders is hostile, do not click on any of its URLs or visit any web site it mentions. Update: A few people have pointed out that it looks like the spammers phished credentials from one of Cheetahmail's clients and are using them to spam. That may well be true. So what? The spam is coming from Cheetahmail, it's their job to keep it from happening. The spam has a funky URL that points to a web server in China, a bit implausible for a clothing retailer that operates only in North America. This reinforces my point that ESPs have a lot of valuable data, and they need to treat it that way, which includes looking for activity that is likely to be customer fraud. It's the same reason that my bank calls me on the phone to check when I do something out of the ordinary. Date: Mon, 18 Apr 2011 13:55:38 -0000 From: Adobe Systems Incoporated <newsletter@adobe-newsletter.com> Reply-To: Adobe Systems Incoporated <support-[random string]@email.childrensplace.com> To: [one of my users] Subject: Get more done, much faster, with new Adobe Acrobat Reader. Upgrade Now GETTING MORE DONE AT WORK NOW COMES IN A CONVENIENT BOX See how Adobe Acrobat Reader is a step above anything you've experienced before, so you can be even more productive. http://www.adobe-link9.com Just how much faster can you work with Adobe Acrobat Reader software? Fast enough to stay on top of last-minute changes, connect with key decision makers, and share updates with co-workers. You'll discover how easy it is to reuse content by exporting PDF files to Microsoft Word or Excel formats. And how quickly you can automate multi-step tasks with new, guided Actions. No wonder PC Magazine says, "There's a lot to like in Acrobat PDF Reader." http:// www.adobe-link9.com Copyright 2011 Adobe Systems Incorporated. All rights reserved. Adobe Systems Incorporated 343 Preston Street Ottawa, ON K1S 1N4 Canada
|
TopicsMy other sitesOther blogsCAUCE A keen grasp of the obvious Related sitesCoalition Against Unsolicited Commercial E-mail |
© 2005-2024 John R. Levine.
CAN SPAM address harvesting notice: the operator of this website will
not give, sell, or otherwise transfer addresses maintained by this
website to any other party for the purposes of initiating, or enabling
others to initiate, electronic mail messages.