Jump to content

New type of spam?


Recommended Posts

Hi folks,

Has anyone else started getting spam disguised as airline check-in and reservation notices?

I got two already this morning claiming to be from US Airways. The link for "online reservation" or whatever takes you to one of these sites:



I didn't check to see what those really were, of course.


Link to comment
Share on other sites

This is slightly different, but at the same time it's exactly the same as every other "trojan" spam. They disguise their links as something you would want to click on. That could be anything from nude celebrity pics to LinkedIn invitations to winning the lottery to needing to verify the security on your account.

These types of automated emails tend to work well, I believe, because they're generally semi-personal (it may have your name or something, but it's mostly a pretty cookie-cutter form letter) and have long confusing URLs (often through a marketing service rather than directly to the site too). It's easy to see that paypalcopy.hackersite.com isn't the same as www.paypal.com, but it's much more difficult when there's a marketing redirect or the link goes four subdirectories down to a scri_pt with 15 parameters that won't fit in a client's status bar even on the largest monitor available. If it does get caught as spam, it's more likely to be checked out, since those marketing form mails are the type that would tend to be a false positive. The companies themselves are making it harder to tell what's legit and what's not because they're making their emails overly complex.

Link to comment
Share on other sites

Looks like there's a bit of US Airways spoofing going around, as InvisiBill says a "tried and tested" method using any feasible source to get under your guard - http://phishing.vcu.edu/2012/04/02/fake-u-...istration-scam/

The "buttons" they mostly go for are panic and avarice and as a bonus (for them) these spams sometimes coincide to some extent with actual events in your life - and there will always be some sense of, or apparent cause for, urgency.

You can sometimes strike back by forwarding the link URLs to virustotal or similar which just might alert anti-malware organizations to a new exploit site but, as InvisiBill also alludes, the possible exploits are often well-buried and undetectable by a surface scan.

Reporting the spam through SC at least raises the bar for the spam senders - they can't use just any old internet connection and account to pump the stuff out without drawing the spotlight and even if they're a little stealthy/distributed they can still attract unwanted attention to their peripheries.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...