Scammers Avoid Spam Detection By Using Redirection In Adobe Flash Files And ImageShack.com Free Hosting
Anti-spam service MessageLabs reports a new way found by scammers to bypass anti-spam filters. This time scammers are utilizing Adobe Flash files and free websites hosting services.
Spam messages with harmless-looking content contain links to Flash-based files on free image hosting services like ImageShack.com. The commands embedded in flash files redirect the recipient to sites that punt Viagra, work-at-home offers and free software updates.
The technique allows spammers to bypass content filters employed by many anti-spam products, which immediately reject messages that contain links to dodgy sites. Because popular sites such as ImageShack are whitelisted, use of the Flash file allows spammers to bypass the filter but still lure victims into malicious websites that trick them into installing malware.
A lot of the free image websites out there are accepting Flash files and attempt to display it. The spammers basically get a free ride to bypass URL blocking, said Matt Sergeant, senior anti-spam technologist for MessageLabs.
As the series of images below show, the technique is being used to lure users to medsplacesuch.com, a site that claims to be an online pharmacy. It’s also being used to trick users into installing software known as Antivirus XP 2008 (also known as XP Antivirus 2008), and to a work-at-home site claimed to be operated by a company called Retoneva.
ImageShack has done a good job and removed malicious files that were reported to it`s abuse department, according to MessageLabs.
More on CyberInsecure:
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.