Home | The Book | Training | Events | Tools | Stats |
February 16, 2010
Abusing the WebMD BrandThe outright deception in the following email body is enough to make one's blood boil:
This message was sent to a role account that is on plenty of spam lists, although I personally don't use it for any purpose. I have visited the WebMD web site in the past, but I couldn't have possibly given them the address to which this spam was directed (and thus the "You are subscribed as..." was the first flag that this was phony — even before downloading the Viagra image).
It's clear that this Chinese medz house is using the good reputation of WebMD to trick recipients into trusting the message. Except for information in the headers, the piece looks to be CANSPAM compliant, supplying WebMD's identity and a link to unsubscribe (the link, however, goes to the Chinese site, identifying/confirming the unsubscriber's email address). Having not visited the spamvertised site, I can't say whether the site builds on the fake WebMD tie, but I doubt it. In any case, the spammer is hoping the spam makes their site look like it's endorsed by WebMD.
I don't know how well-funded WebMD is, or if they'd have any success tracking down these notorious Chinese spammers. They'd better look up "high blood pressure" on their own site before proceeding.
Posted on February 16, 2010 at 09:02 AM