Spam campaign combines phishing, malware and survey scams

An ongoing spam campaign characterized by brief subject lines and containing only a hyperlink rendered in a large font saying “Click here to see the attached video/photos” or “Click here to read this message” has been targeting users for the last few months.

The campaign’s goals are multiple:

• to phish the users’ Windows Live login details,
• to trick them into completing online surveys,
• to get their mobile number and subscribe them to premium number services ,
• to lead them to sites serving malware, adware or grayware.

The sequence and the combinations of the scams presented to the users differs with the different spam emails, and so do the subject lines and the text of the malicious links.

“Some versions of the scam emails seem to bypass the initial phishing scam page and go directly to the malware or survey scam websites,” points out warns Hoax-Slayer.

“The malicious links also incorporate the email address of the account receiving the scam messages. This means that clicking the links can not only open a scam website, but can also “verify” the email address as valid thereby leading to further increases in email spam.”