Daily cyber threats and internet security news: network security, online safety and latest security alerts
February 6th, 2009

Fake iTunes Invoices Conceal Valentine’s Ads With Pharma Spam

TrendLabs recently found spammed messages posing as an invoice from iTunes in its e-mail subject but contains an advertisement for a “special Valentine’s day sale” containing links that lead to pharma websites.

iTunes garnered an estimated 3.34 billion dollars in sales for 2008, and the numbers for early 2009 are quite promising as well. With the great success and vast number of customers, this pretty much explains the usage of iTunes to lure users into pharma sites.

On the other hand, the other spam run takes advantage of timeliness. Arriving on users’ inboxes as an advertisement for a Valentine’s Day sale, it displays images of the jewelry that are supposedly on sale. Moreover, he email messages are altered so that the address in the From: field contains a Trend Micro-related email address. This kind of technique to evade spam filters has been seen before, which may suggest that this was possibly done by the same spammer.

Clicking the image connects the user to nothing else but the fake Canadian pharmacy website.

Credit: Maria Alarcon, Jonathan Leopando, Trend Micro TrendLabs

Share this item with others:

More on CyberInsecure:
  • Apple iTunes Users Are Targeted By Phishers
  • Late Valentine E-cards By Storm Trojan
  • Microsoft’s Live Space Invaded By Pharma Link Spammers
  • Griffin Electric Stolen Laptop Exposes Employee Data
  • Spam And Malware In Google Ads

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Fake iTunes Invoices Conceal Valentine’s Ads With Pharma Spam

    2 Responses to “Fake iTunes Invoices Conceal Valentine’s Ads With Pharma Spam”

    1. I received similar spam today from [email protected] subject was ‘Online Canada Pharmacy!!’ and the message contained a link with the same title. I can’t seem to find anything about this spam issue online. Weird that they are able to make it look like it’s coming from itunes – I tried googling the email and the only thing that comes up in search results is that this email is really associated with the legit itunes…

    2. CyberInsecure Says:
      January 27th, 2010 at 9:59 am

      Obviously it was a fake sender address, a technique used in a lot of spam campaigns.

      Unless you actually bought something in such pharmacy, it is safe to tag such emails as spam or ignore them, especially when it comes from pharmacy unrelated domain like itunes.

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.