Super Bowl, Valentines Spam Begins

HeartI have received plenty of spam lately, promising to share “the best ads ever” and left overs from the Super Bowl, just in case I missed them, and also some special messages from the ones that seem to love me the most for Valentines Day.  Expect to see a lot of this cruft all year round as these dirt bags attempt to social engineer you into visiting their sites, executing their scripts and downloading the malicious garbage that allows them to acess your resources.

If you receive an e-card from someone that you know, call them or send them an email BEFORE you open the email.  From someone that you don’t know, let me introduce you to the big DELETE key…  Some of the emails are fully loaded to auto-execute their payload, others require you click a link.  Do not trust this very popular and effective vector of attack.

EXAMPLE:

From: Valentines-E-Cards@lbEbW.com [mailto:Valentines-E-Cards@lbEbW.com]
Sent: Monday, February 07, 2011 1:06 PM
To: some_address@hotmail.com
Subject: Someone has just sent you an e-Card![Secret Admirer] has just sent you an e-Card!

To view and respond to your e-Card Click Here!<link_removed>

Advertisements

2 thoughts on “Super Bowl, Valentines Spam Begins

  1. I have received 2 e-mails from “secret ad mirers” from this website. I would like to track who sent them. How can I find this out as they were not signed.
    The website that supposedly published these is .

    • Hi Karen,

      If you received the email in Outlook, you could right click on the email and choose “Message Options“. This will bring up a dialog-box to set importance, sensitivity, etc. One of the options at the very bottom of the dialog-box is Internet Headers. All the text in there provides a traceback mechanism, however, in most cases where you got spam or malicious content, the originating address is spoofed. It is generally a waste of time to bother with it, and that shiny delete key is your best option. You may want to add the address to your spam-list, but that too can be a time-waster as the spoofed address is well, spoofed.

      If you are curious, it is best to highlight all of the text in the Internet Headers field and copy-paste it into notepad. Then you can review in a little less chopped up fashion. It starts with the LAST place that the email passed through, back to the originator. If you would like information about what all of those strange characters are, see “ActiveExperts“. If you would like to analyze the header information quickly, try this cool little tool online.

      Good luck with that!

Comments are closed.