All the latest UK technology news, reviews and analysis


Symantec warns of file extension spam outbreak

29 Aug 2012
Spam emails

Researchers with Symantec have warned users and administrators of an unusual spam outbreak which uses common file extensions to trick users.

The company said that the messages have been circulating since mid-August and are linked to online pharmacy sites.

According to Symantec researcher Anand Muralidharan, the messages include normal spam content, such as references to current news events and promises of images and video files. The links, however, appear to end with common file extensions.

Among the extensions used are .pdf, .mp3 and .doc as well as the .asp and .mpeg extensions. Rather than loading the referenced file type, the URLs automatically redirect to the pharmacy site.

"The intention of using these particular file extensions could be to evade content filters, which typically look for other types of file extensions," Muralidharan wrote in a blog post.

"Another reason could be to fool users who would expect the links to open the relevant file type."

Malware writers and spammers have been employing a number of novel tricks lately. Earlier this month, a piece of malware known as Raveton surfaced. The attack poses as a notice from the FBI and demands that users pay a "fine" in order to restore access to their system.

Earlier this week, the US Computer Emergency Response Team issued a follow-up bulletin noting that the malware was also using the guise of the US Cyber Command to defraud victims.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Shaun Nichols
About

Shaun Nichols is the US correspondent for V3.co.uk. He has been with the company since 2006, originally joining as a news intern at the site's San Francisco offices.

More on Security
What do you think?
blog comments powered by Disqus
Poll

BYOD vs CYOD vs BYOC poll

Which approach is your firm taking to managing employees' mobile devices?
23%
14%
4%
16%
31%
12%

Popular Threads

Powered by Disqus
Galaxy S5 vs iPhone 5S vs Nexus 5 showdown

Galaxy S5 vs iPhone 5S vs Nexus 5

We speed test three of the most popular smartphones

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv33

Data protection: the key challenges

Deduplication is a foundational technology for efficient backup and recovery

rdc2

iPad makes its mark in the enterprise

The iPad can become a supercharged unified communications endpoint, allowing users to enhance their productivity

Software Development Engineer

Develop: Customise: Configure. Maximise your technical...

Senior Desktop Engineer / Desktop Engineer

Senior Desktop Engineer / Desktop Engineer – The Kent...

Senior Analyst Programmer (Application Development) X2

Senior Analyst Programmer (Application Development) X2...

Principal Software Engineer

CMC² is a creative Community Interest Company, formed...
To send to more than one email address, simply separate each address with a comma.