Best Buy & Target Websites Exploited to Run Email Scams
Security firms such as 'Webroot' and 'Sophos' warn netizens to be cautious against email scams originating from the websites of retail companies like Best Buy and Target.
Security researchers at Webroot explained the spam campaign and said that it was being circulated through an email message which seemed as a subscription renewal confirmation from Best Buy for one of Webroot's products. Best Buy presently sells its (Webroot's) products through (Best Buy) online software subscription service.
In addition, the message consists of a transaction date (July 17, 2010) and a serial number (which doesn't work).
However, it looks that the spammers behind the campaign did prepare well as highlighted by Webroot. The security firm (Webroot) says that the spammers tried to hijack Webroot's trademark and in the process used the wrong name of Webroot's software 'Webroot Spysweeper with antivirus Product.'
Webroot states that neither Webroot itself sells anything named 'Webroot Spysweeper with antivirus Product' nor Best Buy online subscription.
A similar rogue email message delivered by spammers on behalf of the retail chain 'Target.' Target thinks that the email recipient would like to know that they (Target) have shipped the email recipient's items and therefore the email recipient's order is complete.
In most of the abovementioned cases, links involved in the spam emails take to redirect scripts harbored on domains which have no relations with those companies. These redirectors enable cyber criminals to easily rotate the malicious landing pages when needed. For instance, Sophos notices that in some cases, these could be Canadian Pharmacy spam websites, while in other cases, sites that propagate scareware. Sophos reportedly detects this scareware or fake antivirus (FAKEAV) as Mal/FakeAV-EI.
Malware Researcher, Onur Komili at SophosLabs, Canada, recommends that as usual, one should pay attention to the link one is going to click while reading an email. In some of the cases, simple clicking of the link will be sufficient to infect the system with a drive-by-download. However, up-to-date browser, browser like Firefox and plugin such as NoScript can protect from many of these infections, as per the statement published by softpedia on August 7, 2010.
Related article: Best Buy Fined for Violating Spam Act
» SPAMfighter News - 18-08-2010