Wednesday, September 17, 2008

Spam Campaign Abusing Yahoo's Services

Think spammers.Yahoo.com trusts Yahoo.com, consequently, a spam campaign that using bogus Yahoo.com email accounts, and spamming only Yahoo users with links to Yahoo's search engine using queries leading to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 exact spammer's URLs, is almost 100% sure to make it through spam filters. That seems to be case with this spam campaign perfectly fitting into cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 "spam that made it through" category.

Sample search queries resulting in a single result with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 spammer's URL :
- yahoo.com/////////////////////////////search/search;_ylt=?p=())))))))))))))callfold(((((((((((((((()))))))))))((((()))))))5000)))))))))))(((((((
- search.yahoo.com/search?p=(((((())))))))((((((((((((((housetear((((())))))(((((((())))))))(((((((((5000((((((())))))))))))))))))))
- yahoo.com/search/search;_ylt=?p=]]]]]]]]]]]][[[[[[galestay[[]]]]]]][[[[[[[[[[[[[[[[[[[[$229[[[[[[[[[[[[[[[[[[[]]]]
- yahoo.com/search/search;_ylt=?p=(((((())))))))))galestay((((((()((((((((((((((((($229)))))))))))(((()
- yahoo.com/////////////////////////////search/search;_ylt=?p=))))))))))))))(((((richorbit((((((((((((((())))))))))))((((((())))))$229)))))))))))(((((((
- yahoo.com/////////////////////////////search/search;_ylt=?p=))))))(((())))))))))richorbit((((((((((((())))))))((((((((((((((((((((((((((((($229))))))((((())


The search queries lead to galestay.com; housetear.com; callfold.com; richorbit.com with several hundred spam domains participating in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 campaign parked at 218.61.7.21 and 220.248.185.64.

With CAPTCHA solving and automatic account registration getting easier to outsource next to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 easily obtainable segmented email databases of a particular ISP or web based email service provider, launching such a campaign requires less efforts than it used to before. Interestingly, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 spammed through Yahoo emails never leave Yahoo Mail since it's only spamming Yahoo users according to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 extensive number of emails CC-ed.

What's to come in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 long-term? With an entire spamming infrastructure build on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 foundation of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 hundreds of thousands of bogus accounts at legitimate services, spammers are already starting to embrace cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 "legitimate sender" mentality and are working on ways to integrate that infrastructure in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir spam systems, evidence of which can be seen in several different managed spamming services.

Related posts:
Microsoft’s CAPTCHA successfully broken
Gmail, Yahoo and Hotmail’s CAPTCHA broken by spammers
Spam coming from free email providers increasing
Inside India’s CAPTCHA solving economy