Terry Zink: Security Talk

Discussing Internet security in (mostly) plain English

CNN spam

CNN spam

  • Comments 26

I've been seeing some CNN spam the past few days, that is, spam in the form of breaking news stories from CNN.com.  Below is a sample:


These all look like legitimate news stories, and indeed, they probably are taken straight from an actual CNN news bulletin (I don't subscribe so I wouldn't know).  Indeed, the unsubscribe information and Terms of Use actually link to actual CNN unsubscribe pages.  However, if you mouse-over all of the news links, they go to a spam web page wherein the payload is either a spam advertisement or you click on another link to download a file and flip your computer into a botnet.

This is just another spam message disguised as a legitimate entity.  Technically, this is not phishing, it is spoofing.  It's certainly a clever looking one, to be sure, as it appears legitimate.

Leave a Comment
  • Please add 5 and 2 and type the answer here:
  • Post
  • I clicked on the "unsubscribe" link at the bottom, thinking that I had inadvertently signed up for a daily top 10 from CNN, because I often visit that page to catch up on the news.

    Does anybody know if clicking on this unsubscribe link could cause a virus to activate and if so, is there any known solution out there to get rid of it?


    Richard Aberdeen


  • Your blog and all comments were really helpful. We need more good guys like you. Thanks.

  • Recieved a couple of these as well.

    Links to rosteh-komplekt.ru in my latest one.

    Missing plugin was identified as a variant of the W32/Nuwar Worm via Nod32.


  • Richard - The links at the bottom (unsubscribe, etc.) are legitimate; I went to them myself and tested them against navigating to the same pages from CNN.com itself.  It's just the news story links that are wonky.

  • It is absolutely impossible to get rid of the CNN spam; I've been trying to unsubscribe several times through their system, where I'm forced to agree to their stupid policy before unsubscribe, but I still get the same spam.

  • When I first began to get these CNN emails, I hovered my mouse over the HTML link and looked to see the actual address which was usually in Russia (not always).  I also looked to see the email address who sent it (not always the truth either) but in these CNN SPAM emails the return address was never CNN but instead was different email addresses every time.

    To be safe, just never use a link in an email.

    For those of you complaining that unsubscribing at CNN doesn't work . . .  Duh.  Since CNN didn't send it how can they unsubscribe you?  It's SPAM.  The links connect you to a hijacked server, not CNN.  It's people like you that fall for these kinds of trojans.  If you don't know to NEVER click on a link in an email . . .

  • Getting about 15 a day of these and getting annoyed. Thanks for the tips above. Guess I'll be setting my preferences this morning

  • If I recall correctly, this spoofing that then delivers a payload of spam or a botnet download is a kind of "Joe Job".

  • and now, I not only getting these CNN alerts, but I am getting basically the same spam but as MSNBC news alerts.

  • All the email accounts I use a lot have been flooded out with the fake CNN emails. So I set up filters to stop them but now, like ron sercely, I'm getting the MSNBC ones.  It's a real pain.  Why can't there be international co-operation to put these crooks out of business and to get tough with the ISP's that allow it to happen?

  • Ive gotten 15+ of these in the last week, also from "MSNBC breaking news". Became suspicious when I saw the weird URLs. Didn't know what to think,as they do look official Thankfully did not open any stories.

    Thanks for the blog!

Page 2 of 2 (26 items) 12