Terry Zink's Cyber Security Blog

Discussing Internet security in (mostly) plain English

Spammers quick on the draw

Spammers quick on the draw

  • Comments 4

One of the techniques that spammers use is to borrow a headline from the news and use it as a subject line in their message.  This is designed to confuse filters and people alike because it looks like a legitimate message in your email client if you merely examine subject and sender (but the email address gives it away).

Anyways, I got a stock spam today with the subject line "History for Super Bowl Coaches."  This is in reference the Saints-Bears and Colts/Patriots NFL games yesterday (Sunday, Jan 21).  For the first time in history, two black coaches are coaching in the Super Bowl (actually, one black coach would have made history, two is even more so).  Obviously, spammers are watching the news and borrowing headlines for their own purposes, and they are doing it quickly (less than 12 hours in this case).  To me, this suggests one of three possibilities:

  1. Spammers are very familiar with American news stories.  Though their botnets may be world wide, and while they make use of zombies in China, these spammers are most likely based in the United States.  You can bet that most people outside of North America could care less about NFL football.
  2. Spammers are somewhat familiar with American news stories and hedge their bets: they wrote a bunch of different headlines depending on who won the games (ie, had New England won, they'd be sending email with the subject "Patriots go for third title in four years") and have sent out mail accordingly.
  3. The subject lines are random and I am misinterpreting things, or reading something into the subject line that isn't there.
  4. [Update - thanks to Chris Szurgot] Spammers' botnets prowl the web searching for current news headlines, inserting those into new spam messages.

Of the three, I actually think #3 is the most unlikely because I have found that underestimating spammers is generally a bad idea.  I now think #4 is the most likely.

Leave a Comment
  • Please add 2 and 8 and type the answer here:
  • Post
  • I beleive that bots are grabbing headlines from news stories and making up the email to send. I've seen various subject lines that might actual peak my interest, but I've also seen many I could care less about.

    I wish I could understand why spammers think someone would buy something from a poorly worded, spelled and presented email.... Ugh!

  • My vote is #2.

    #1 is incorrect because the spammers are TARGETING people in the US. This doesn't mean the spammers themselves are BASED in the US.TRemember the soccer world cup spam targeted pretty much the entire world excluding the US.

    #3 The Subjects are not random. For each spam outbreak you see the same set of Subjects used over and over again. They may randomly attach one of say 200 subjects, but the themselves phrases are not randomly generated.

    #4 Using botnets to look for headlines would be overkill, and a waste of botnet computing power and spammer sript writting time/skills. How long would it take you to browse top US or European news sites and come up with 200 themed message Subjects? A few hours?

  • Stupore! Amo questo luogo!:)))))))

  • MSN I NIIPET

    <a href="http://msn.com">MSN</a>

Page 1 of 1 (4 items)