Spammers capitalize on Italy earthquake

Share this article:

As the death toll from the earthquake in central Italy grows, spammers have moved to capitalize on the catastrophe.

“Today, we observed scam emails sent from randomized email accounts with 'Italy quake news' subject lines,” wrote Vivian Ho in a post on the Symantec Security Response Blog."

The subject line of the spam email attempts to be as provocative as possible, to lure victims into opening the message. Some of the subject lines include:

  • “A glance at towns damaged by quake in Italy”
  • “Quake-prone Italy lags in quake-proofing buildings”
  • “A glance at victims and damage in Italy's quake”
  • “Scientist Claims He Predicted Italy Quake”
  • “Italy seeks survivors, prepares to bury quake dead”
However, there is no payload involved.

“Although there are no malicious attachments found in this type of scam,” Ho wrote, “spammers could still validate active email accounts when recipients open their email or system bounce notifications for inactive account lists.”

Despite the long history of such ploys, in which spammers leverage current events to dupe victims, people still fall for them, Ho said.

Central Italy was hit on Monday by a magnitude 6.3 quake. Tens of thousands have been left homeless, with hundreds dead and missing.
 

Share this article:

Sign up to our newsletters

More in News

AOL Mail hack furthers spam campaign using spoofed accounts

AOL confirmed on Monday that it was aware of the issue and working to remediate the situation.

Backdoors in Wi-Fi routers, said to be closed, can be reopened

Backdoors in Wi-Fi routers, said to be closed, ...

Although said to be patched, researcher Eloi Vanderbeken discovered during the Easter holiday that backdoors existing in certain wireless routers can be reactivated.

Apple ships Mac OS X updates, fixes several code execution bugs

Apple ships Mac OS X updates, fixes several ...

Among the addressed vulnerabilities, was a bug affecting WindowServer, which could allow an attacker to execute malicious code outside the sandbox.