The Return of MP3 Spam

Posted on behalf of Dan Bleaken, Malware Data Analyst, Symantec Hosted Services

MP3 Spam Returns to Attract Recipients to Canadian Pharmacy Website
I remember the excitement in the MessageLabs anti-spam team when the first spam with an MP3 file was intercepted, back on 18 October 2007.  At that time we were watching particularly carefully for the appearance of new file types in spam.  Image spam had been huge over the Summer of 2007, especially images containing randomised pixels (an attempt to bypass traditional signature-based detection).  Later in the same year, PDF files were also being used as well as some other file types that hadn’t been seen in spam before.  At that time it seemed as though spammers were keen to explore the use of new attachment types; anything to keep their spam runs varied and shifting. 
Today of course, we still see various file formats being used in spam messages, but not nearly as much as in 2007 and 2008.  The favored approach now is to include a hyperlink that leads to spammers' websites.  Images are still seen frequently in spam, but they too are shifting from being physically attached to the mail, to being hosted on some website and presented in the content of HTML spam emails.
Back in 2007 it was particularly interesting to discover the use of MP3s in spam messages as (continue reading...)