Powered by Movable Type 3.121
Home The Book Training Events Tools Stats
Web log archive.
A Dispatch

« Sending Spam to Myself | Main | Inappropriate Spamvertised Domain Names »

November 29, 2008

Canadian Pharmacy in Full Deception Mode

How long will it be before these "Canadian Pharmacy" a-holes get their comeuppance? Here's a sample of one of their latest:

Horrible, horrible Canadian Pharmacy spam message

Most of the crap in this message has been in the recent flood that I wrote about in my previous post. This includes the From: field forged with my own name and address, as well as the abuse of the Microsoft tag at the bottom making it sound as though the recipient begged for the message because he or she is subscribed to MSN Featured Offers (even when not).

Virtually all of the recent "self-addressed" spam I had seen from these guys had used Subject: lines such as:

  • RE: Message 32779
  • RE: Order 88514
  • Your Order

Now the Subject: lines are getting way off-topic, veering into the same type of sensational headlines that bot-net malware lures have used:

  • African virus spreads
  • Barack Obama's Victory Speech
  • mass kidnapping
  • Gunmen remain on the East coast

The bot-net senders and Canadian Pharmacy senders pull from the same address lists (including my spamtrap addresses), so it's clear to me that they're one in the same. When they need to replenish their army of zombies to send out more medz spam, they switch over temporarily to sending out malware lures.

It obviously takes deep pockets to pursue the global tangle that these jerks use to keep their underground economy flowing. I have my doubts that regular law enforcement, on its own, can do the trick. But that so many of these recent messages abuse Microsoft's brand name and services gives me hope that the spammers might poke the Redmond bear one too many times. If any organization has the stake and resources to hunt these guys down and—with the help of law enforcement—string these guys up, it should be Microsoft. I know where I want Microsoft to go today.

Posted on November 29, 2008 at 09:28 PM