Fake iTunes Invoices Conceal Valentine’s Ads With Pharma Spam
TrendLabs recently found spammed messages posing as an invoice from iTunes in its e-mail subject but contains an advertisement for a “special Valentine’s day sale” containing links that lead to pharma websites.
iTunes garnered an estimated 3.34 billion dollars in sales for 2008, and the numbers for early 2009 are quite promising as well. With the great success and vast number of customers, this pretty much explains the usage of iTunes to lure users into pharma sites.
On the other hand, the other spam run takes advantage of timeliness. Arriving on users’ inboxes as an advertisement for a Valentine’s Day sale, it displays images of the jewelry that are supposedly on sale. Moreover, he email messages are altered so that the address in the From: field contains a Trend Micro-related email address. This kind of technique to evade spam filters has been seen before, which may suggest that this was possibly done by the same spammer.
Clicking the image connects the user to nothing else but the fake Canadian pharmacy website.
Credit: Maria Alarcon, Jonathan Leopando, Trend Micro TrendLabs
More on CyberInsecure:
January 27th, 2010 at 8:23 am
I received similar spam today from [email protected] subject was ‘Online Canada Pharmacy!!’ and the message contained a link with the same title. I can’t seem to find anything about this spam issue online. Weird that they are able to make it look like it’s coming from itunes – I tried googling the email and the only thing that comes up in search results is that this email is really associated with the legit itunes…
January 27th, 2010 at 9:59 am
Obviously it was a fake sender address, a technique used in a lot of spam campaigns.
Unless you actually bought something in such pharmacy, it is safe to tag such emails as spam or ignore them, especially when it comes from pharmacy unrelated domain like itunes.