Clever spammers have come up with a way to bypass email filters in order to send Pharma-themed junk messages. The process is done in stages, using a legitimate URL shortener, Google’s translation services, and compromised domains.
Researchers at Barracuda Labs have detected a large amount of spam hitting inboxes, and after some research discovered why; someone discovered that Google is often whitelisted. That’s not the news though, because some of the more clever anti-spam products scan the message itself and rank the reputation of links inside – so Pharmaceutical spam, and other junk messages often fail to arrive.
However, Barracuda says that enterprising spammers are using Google Translate, in conjunction with Yahoo’s URL shortening service and hijacked WordPress installations, to bypass even some of the strictest filters.
“One of the primary reasons that small weakly defended websites are hacked is to install simple redirect code – the spammer takes advantage of the good reputation of the website to evade spam filters, and the hacked website redirects anyone who clicks on the message links to the website that the spammer is promoting,” Barracuda explains.
In the example used for their blog post on the topic, the spammer used Google Translate to point to a URL that was shortened with Yahoo’s y.ahoo.it service. The shortened, and translated link, points to a compromised WordPress blog, which redirects the visitor to a rogue pharmacy website.
“We’ve tested many of these links in the lab, and it appears that Google may be implementing code that defeats framebusting, but our tests are inconclusive. Some links now redirect to google.com, while others still redirect to pharmacy sites. We certainly hope this technique is not discovered by malware distributors,” Barracuda’s blog adds.
It is likely that malware distributors are fully aware of such tricks. But all the same, it’s best to simply avoid links that are delivered via random emails.
More from Steve Ragan
- Anonymous Claims Attack on IP Surveillance Firm Brickcom, Leaks Customer Data
- Workers Don’t Trust Employers with Personal Data: Survey
- Root SSH Key Compromised in Emergency Alerting Systems
- Morningstar Data Breach Impacted 184,000 Clients
- Microsoft to Patch Seven Flaws in July’s Patch Tuesday
- OpenX Addresses New Security Flaws with Latest Update
- Ubisoft Breached: Users Urged to Change Passwords
- Anonymous Targets Anti-Anonymity B2B Firm Relead.com
Latest News
- Ferrari Says Ransomware Attack Exposed Customer Data
- Aembit Scores $16.6M Seed Funding for Workload IAM Technology
- Millions Stolen in Hack at Cryptocurrency ATM Manufacturer General Bytes
- Waterfall Security, TXOne Networks Launch New OT Security Appliances
- Hitachi Energy Blames Data Breach on Zero-Day as Ransomware Gang Threatens Firm
- NBA Notifying Individuals of Data Breach at Mailing Services Provider
- Adobe Acrobat Sign Abused to Distribute Malware
- New York Man Arrested for Running BreachForums Cybercrime Website
