Spammers hijacking legit newsletters

By

Hackers have begun using newsletters to launch spam, joining legitimate newsletter creators in the hope to defy spam filters.

Spammers hijacking legit newsletters
Researchers at Symantec say they've uncovered email messages that appear to be genuine newsletters - only to find the emails have been hijacked by spammers.

According to the US based anti-virus firm, Spammers embed their messages within a single file, which pops up after an affected user reads what he or she thinks is a normal newsletter message for a few minutes. 

Doug Bowers, senior director of anti-abuse engineering for Symantec, told SCMagazine.com today that the new spammer strategy is ironic, considering the problems legit newsletters once had avoiding spam filters.

"For us, [what stands out] is the irony that just a few years ago, a lot of legitimate newsletters were being classified as spam, and now it's being flipped the other way," he said.

An affected user will rarely see more than one "newsletter spam" message per day, meaning there is an obvious measure of control to the attacks, according to Symantec.

Bowers also said that the emails have so far only been seen within newsletters in HTML format. Symantec has captured spam pretenting to be newsletters from a fantasy football league, US Airways, Kohl's and 1-800-flowers.com.

"What we're seeing right now is that spammers are leveraging the format of that newsletter and inserting small modifications. It might look like that [legitimate] newsletter would appear, and then a message or some additional text would pop up," said Bowers.

"It potentially leads to confusion on the user's part because they're assuming a certain level of trust, and it's also a way to confuse filters. As far as whether or not it can be used to deliver or other security risks, that remains to be seen."

Click here to email Online Editor Frank Washkuch Jr.
Got a news tip for our journalists? Share it with us anonymously here.
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Log In

  |  Forgot your password?