CNN Spam Outbreak Quickly Morphing Into a New Breed

Terry Zink

This past week we have been seeing some heavy CNN spam — that is, spam in the form of breaking news stories from CNN.com.

Below is a sample:

These all look like legitimate news stories, and they probably are taken straight from an actual CNN news bulletin (I don't subscribe so I wouldn't know). Indeed, the unsubscribe information and Terms of Use link to actual CNN unsubscribe pages. However, if you mouse over the news links, they all go to a spam web page, where the payload is either a spam advertisement or another link that you click to download a file and flip your computer into a botnet.
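The mouse-over check described above can be automated at the mail filter. The following is an added example, not code from the original post: it parses an HTML body and flags messages that mix genuine brand links with story links that leave the brand's domain. The sample body, its paths and the `.example` hosts are constructed, and the function names are hypothetical.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

BRAND_DOMAIN = "cnn.com"  # brand the message claims to come from

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def on_brand(href, brand=BRAND_DOMAIN):
    """True only if the link's host is the brand domain or a subdomain of it."""
    host = (urlsplit(href).hostname or "").lower().rstrip(".")
    return host == brand or host.endswith("." + brand)

def audit_links(html_body, brand=BRAND_DOMAIN):
    """Split a message's web links into on-brand and off-brand destinations."""
    parser = LinkCollector()
    parser.feed(html_body)
    web = [l for l in parser.links if urlsplit(l[0]).scheme in ("http", "https")]
    on = [l for l in web if on_brand(l[0], brand)]
    off = [l for l in web if not on_brand(l[0], brand)]
    # Pattern from the post: real brand links used as cover for off-domain story links.
    return {"on_brand": on, "off_brand": off, "suspicious": bool(on) and bool(off)}

# Constructed sample body; paths and hosts under .example are placeholders.
SAMPLE = """
<a href="http://news.example/full.html">Full Story</a>
<a href="http://cnn.com.updates.example/top10">CNN.com Top Stories</a>
<a href="http://www.cnn.com/unsubscribe">Unsubscribe</a>
<a href="http://www.cnn.com/terms">Terms of Use</a>
"""

if __name__ == "__main__":
    print(audit_links(SAMPLE)["off_brand"])
```

Legitimate newsletters also link to off-domain hosts such as ad and tracking services, so treat the `suspicious` flag as one scoring signal rather than a verdict.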

This technique is known as spoofing, and it has been used by spammers for a long time. It is a social engineering technique where they masquerade as a legitimate source in order to trick the end-user into taking some sort of action. In phishing emails, they are attempting to obtain sensitive personal user information to gain access to financial records. With this spam run, the spammers are attempting to deceive the end-user into clicking on the links to download a virus and flip them into their botnet. Because many people trust CNN and the messages look like an actual email bulletin, they can be fooled into thinking this is a legitimate email notification.

The spam outbreak "from" CNN, however, quickly morphed into a new breed a couple of days later:

It appears that the spammers had learned from previous mistakes because this one is a little slicker. Just like the old one, the body contains links to valid messages and a single payoff (the "Full Story" link, which leads to a virus or spam payload). However, the message source is where we see how the spammers have evolved. They started making the source of the messages more representative of an actual CNN message. The previous spam campaign contained some textbook errors which I won't go into in this post. However, they are still using the spoofing technique in order to get their payload delivered.

By Terry Zink, Program Manager.

Related topics: Email, Security, Spam
