Symantec Reports Abuse of URL Condensers within Newly-Detected Spam Run
Investigators at Symantec are reportedly cautioning of online-crooks who're increasingly utilizing URL-condensing utilities for their e-mail scams, while attempting at tricking gullible end-users.
Notably, URL condensers largely help in camouflaging web-links, particularly when cyber-criminals utilize several of them for devising multiple hops prior to getting victims to land on certain malware-laced website.
States Symantec that one fresh spam run was recently identified wherein e-mails posed as communication from a service that transferred funds between banks. The unsolicited e-mail asserts that officials have annulled one such transfer, while directs recipients for viewing an associated .pdf document hosted on an outside Web-address. But, on clicking the given web-link, no document emerges rather users, through condensed URLs, get diverted till they reach a site with a drive-by download.
Additionally, Symantec states that there's the use of few hundred distinct condensed URLs for establishing a connection with the said malware. Also, the company anticipates greater utilization of this method by malware-writers later on.
Meanwhile, with such spam runs being so malicious Symantec recommended end-users that they should maintain every software item of theirs up-to-date so that they didn't get victimized with drive-by downloads. Moreover, according to the company, there were e-mail client and browser extensions which of their own expanded condensed URLs; hence those resulting in other URL-condensing utilities mustn't be relied upon.
Eventually, with the identification of the above mentioned e-mail spam it's yet again evident that distributors of spam mails have started developing own URL-condensing utilities, something that Symantec, within its May 2011 report, indicated.
» SPAMfighter News - 14-07-2011