Spammer campaign exploits email read receipts

Share this article:

A new wave of malicious spam relies on requests for delivery confirmations for unsolicited emails.

According to security firm BitDefender, the technique uses multiple cons.

First, a "read receipt or notification" link attempts to trick the recipient, whose response will verify that the targeted email address is valid and active. If the recipient does not send a read receipt, the spammers deploy a secondary layer of confirmation techniques that uses a reference to a remotely stored image.

Should the previous two confirmation tricks fail, the third layer kicks in, especially if the victim suspects foul play. He or she is given an opportunity to unsubscribe or opt-out, a classic scam technique. The alleged opt-out links do not unsubscribe the recipient from the mailing list, but confirm instead that the email address is functional and ready to get even more spam.

Vlad Valceanu, head of BitDefender's Antispam Research said: “Users should be aware that without the appropriate security solution the integrity of their systems is at an extremely high risk. To validate the email address means that the user has signed the death sentence of his or her inbox.

“The next messages the spammers will send could carry a piece of malware that wipes out the hard drive or harvests and sends out sensitive data, like the credit card number the user types when purchasing goods online.”

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.