I guess it had to happen sooner or later. After looking at who knows how many spam-and-scam occurrences, Patrick Fitzgerald of Symantec has struck gold while investigating the latest malware campaigns he was alerted to.
The campaign in question is simple enough: forum visitors and Twitter users are offered to download an application that supposedly generates invites for Google Wave. When the user follows the link, he is redirected to a page that contains the wanted file (googlewaveinvitegenerator.exe) – which, of course, is not what it should be, but the malicious payload Backdoor.Tidserv.
And what’s the difference between this and other similar scams? Well, this:
The site allows the download of 4 more files, which combined read like a comprehensive spammer manual. Without a doubt, this occurrence has to be filed in the FAIL category.
What can you learn from those files? You can see what spammers use to generate “original” messages and keyword lists:
You can read how they use SEO optimization to achieve top rankings on search engines, and how they trick CAPTCHA. You can learn how to use Xrumer and Hrefer, two ideal spamming tools.
All in all, a fascinating read that opens a window in to the spammer’s/scammer’s mind.