Today our lab has detected a flood of spam messages that contain a malicious link from which malware is downloaded. We’ve seen more than 8,000 in a few hours. These emails have the following subjects: Fw: FW: Re: RE:FW: Re:Fw: RE: The content of these messages is just a link to a website. The following are some examples: http://anonymfiles.reda.co.kr/archive0714/?id=email@domain.com http://archivedv.kr/archive0714/?id=email@domain.com http://filearchredb.or.kr/archive0714/?id=email@domain.com http://files.reco.kr/archive0714/?id=email@domain.com http://files4friends1e3eq.co.uk/archive0714/?id=email@domain.com http://incognireda.ne.kr/archive0714/?id=email@domain.com http://postcayrxc.kr/archive0714/?id=email@domain.com http://secretarcredn.kr/archive0714/?id=email@domain.com http://secretfiyrxo.co.kr/archive0714/?id=email@domain.com http://sendspyrxs.co.kr/archive0714/?id=email@domain.com If ...

Many Twitter users still haven't got over this weekend's BZPharma LOL phishing attack, and now a new campaign is being spammed out from compromised accounts directing users to a site selling herbal viagra to improve sexual performance.

A typical spam message reads:

Get bigger and have sex longer. go here http://example.com/?rid=http://callbling.com

where 'example.com' can vary.

Clicking on the link redirects users to a website called callbling.com. It doesn't take a rocket scientist to work out what they're trying to sell to you..

I'm afraid that the only thing which might get bigger is the spammers' bank accounts.

My suspicion is that the accounts sending out the spam message will include many of the sites that were compromised in the earlier BZPharma LOL phishing attack which has been such a big problem on Twitter over the weekend.

As before, the spam messages aren't just being sent via direct message (DM). They are also appearing on public profiles, possibly because of third party services such as GroupTweet automatically republishing DMs.

If you see any unusual messages being posted from your Twitter account, please please change your password as soon as possible.

Notable highlights this month include the continuing shift of the region of message origin to APJ and South America, and changes in the average size of spam messages.
 

According to the 2002 Census of the Population, 42% of the population of Ireland has the ability to speak Irish. Irish has also had official and working language status at the EU level since January 1, 2007. Recently, some examples of spam messages in Irish—the official language of the Republic of Ireland—have been observed.

Cybercriminals are using compromised twitter accounts to spread spam messages and Twitter phishing. The CA ISBU team has identified an active Phishing attack occurring via spam messages circulating throughout the Twitter network. This attack starts off when a Twitter user receives a direct message, such as the one depicted in figure 1 below, from any one of their followers.   (Figure 1 -...