A new spam trend that we have seen over the past month or so are 419’s with Word attachments. This isn’t a widespread trend (it’s not like we are getting tons of 419’s like this), nor is the idea of sending spam with attachments new. Instead, it’s a recycled technique that hasn’t been seen in a while.
Upon opening the attachment (and first running a virus scan, of course):
And yada, yada, yada…
Spammers rotate through their tactics all the time. I’m not sure why they do stuff like this. Presumably, they did it before but then moved away from it because putting stuff into attachments results in fewer click throughs and responses. But the reason they do it in the first place is because they believe that spam filters cannot filter attachments that contain spammy content, they only look at the HTML source. This belief, of course, is misguided.
My theory is that the spammers who send spammy attachments are new generation spammers that think that they are trying something innovative and never seen before. They are wrong, this technique is not new, it’s just new to them.
It’s interesting to see new spammers rear their heads.