Over the last couple of days we've been noticing a few pharmacy spam mails which are a bit different. Somebody seems to have replaced the original graphical content with an alert highlighting that such messages are malicious.
So far we have counted three (ab)used image hosting services for this spam:
A quick analysis of these showed that #1 currently serves all the replaced images, #2 serves all original spammers images and #3 seems to have removed the offensive content immediately, good work!
At the moment, we don't have any further information about the source/background of the warning replacements - this gives us plenty of opportunity to use our imaginations when thinking about what's actually going on. A few of the key words and concepts we're considering are: white hats, rival spammers, compromised hosting service(s). Not an exhaustive list, but more of a launch pad for further theories and research!
2010 Jul 09, 00:40
I also have some assumptions, technicaly is detailed analyzed. Take a look at the pictures itselfs and used font. I am also not ekspert but one can see that the person or group who sent this, has knowledge to find on net appropriate symbols, and he knows schema of forgery. He knows that pills are fake and could damage ones health. And that the money will be stollen. etc. He uses word scam not spam.
Edited by fp, 2010 Sep 09, 00:48
Yes, you raised some interesting points. Thanks much for your input!
Re: Re: Motivation?
Regarding a different psyhological profiles of people I think this is just another kind of spam. Like majority of spam exploits human graspingness, this spam I presume, is intentionaly designed to exploit human despite (contumacy). This attribute is highly demonstrated at some very young children. But like nigerian scheme is still working unfortunatelly there is a great potentional for such exploits.
Edited by fp, 2010 Sep 03, 11:57