MP3 spam spreads holiday cheer


Commtouch Labs reported a recent attack involving MP3 messages. The email body and subject line were blank, as seen below, and each message had an MP3 attached to it. The MP3s are all very short and only about 16KB per message in order to trick traditional spam filters.

MP3 spam message

While the emails were all subject-less, the MP3s were creatively named. File names include: beauteously, unsecularise, sporicide, cookshack, teentsier, muftis, zoogeography and squishiness.

When played, the MP3s were all the same message…someone reciting a URL and a woman moaning in the background. It’s creatively packaged Viagra spam from our Canadian Pharmacy friends.

This attack is unique because it is not an image, it’s not URLs embedded in a message. It isn’t any of the more traditional approaches to bypassing spam filters…the MP3 message could go completely undetected by traditional engines. Filters that rely on pattern detection, recognized the outbreak and blocked the messages before they hit networks.

I checked out the link and found this:

Canadian Pharmacy Viagra MP3 spam

Guess they really want us to stock up on our “personal enhancement” needs before the holiday!

Go back