Not all cybercriminal activity is sophisticated.
For instance, here’s a spam message I saw today, claiming to be a communication from Google:
Subject: Consideration
Message body:
Thank you for taking the time to contact us.Within two weeks we should be able to provide you with a decision in regard to your question, and we want you to know that we will be giving your question our fullest consideration.
We would like to thank you again for your time and consideration and will be in touch with you as soon as we have some definitive information for you.
Also you can track your request by visiting our Tracking System Page.
Yours very truly, Venessa Robison.
There’s no personalisation in the email text to lure me into believing the email is genuine, no attachment containing a malware payload, and clicking on the link doesn’t even take me to a phishing webpage which will ask me to enter my Google username and password.
It’s just some generic wording, sent from a forged email address ([email protected]) – an email address used legitimately by Google for communications about their tools for webmasters.
So, what is the point of the spam? Well, if you click on the link you will be taken (via a redirect on a Brazilian webpage) to a “Canadian Pharmacy” website trying to sell you Viagra and other drugs to improve your performance between the sheets.
Yes, it’s hardly the most convincing sales spiel.
But the fact that we keep seeing such unsophisticated tactics used by the spammers to earn cash for themselves suggests that it *must* work. They simply wouldn’t continue using such sledgehammer techniques to promote their websites unless a small proportion of people who were duped into clicking on the link from the bogus Google email *did* end up buying something to perk up their sex life.
Which, frankly, is a bit sad.
Remember our spam pledge?
If you never buy goods promoted via spam, life becomes much harder for the spammers. And maybe they’ll have to find something else to do with their time.
