« Mix 'n Match Phisher | Main | The Inefficiencies of Botnet Spammers »

April 19, 2009

Back in January, I wrote about spam arriving with nothing more than the text "podmena traffica test" in the body. It's back again, based on not only messages I've seen here, but also on the number of visitors to the earlier article who find it via Google.

That the messages come from a botnet is hard to dispute. The bizarre Subject: lines of the earlier campaigns were ultimately used verbatim for run-of-the-mill medz and knock-off goods spam runs (that even trickle in months later).

While I don't have anything more to report about what's behind this pattern, I am glad that more email users seem to be performing some due diligence in looking behind the unexpected/unexplained. That's also one reason why I quote liberally from incoming spam that, in my estimation, is potentially dangerous — in the hope that the curious will use Google to learn about bad consequences without acting directly on the messages.

Of course, there isn't much to act on with the "podmena" spam because there aren't any links or URLs to follow. But one thing is certain: if your email address is receiving these messages, more spam will follow unless you have good server-side filtering in front of your inbox.