Quickly morphing CNN spam


The spam outbreak "from" CNN the occurred this past week has morphed into a new breed:

image

It appears that the spammers have learned from previous mistakes because this one is a little slicker.

In the body contents, just like the old one it contains links to valid messages and a single payoff (the link to Full Story which contains a payload to a virus or spam).  However, the message source is where we see how the spammers have evolved.

The previous spam campaign contained some textbook errors which I won’t go into on this blog.  The headers in this one are a little cleaner but again, they are using the spoofing technique in order to get their payload delivered.

Comments (5)

  1. I clicked on the "unsubscribe" link at the bottom of the original "Top 10" phishing scam, thinking that I had inadvertently signed up for a daily top 10 from CNN, because I often visit that page to catch up on the news.

    Does anybody know if clicking on this unsubscribe link could cause a virus to activate and if so, is there any known solution out there to get rid of it?

    Sincerely,

    Richard Aberdeen

    http://www.FreedomTracks.com

  2. Jason says:

    Great. Now how to I stop receiving these messages everyday?

  3. Chris says:

    Richard – The links at the bottom (unsubscribe, etc.) are legitimate; I went to them and tested them against navigating to the same pages from CNN.com itself.  It’s just the news story links that are wonky.

  4. J. Leyden says:

    I clicked on a link to a news story after a few too many drinks, but I can’t for the life of me remember whether I allowed the Flash plugin to install (I think I just killed the browser). How can I be sure?