Phishers Use Spam to Hide Their Crime

Researchers have detected a new type of spam with a very malicious twist. Carefully targeted spam campaigns aimed at specific individuals have been discovered. This campaign bombards the recipient with a deluge of spam, upwards of 60,000 a day or more. This makes the recipient’s email account basically unusable as the extreme amount of spam is overwhelming. It may also prompt their ISP to disable the account due to the heavy load it places on their servers.

Screen shots of several emails show what is essentially gibberish. “Every email is different as well, nearly perfectly randomized, though if you comb through them carefully, you will begin to see some repeated content,” Fred Touchette, a security analyst manager at AppRiver wrote. “The emails themselves are obviously botnet-delivered too, because all of the senders are different, usually freemail providers, the sending IPs are all different, and the rate at which they’re arriving would make one’s head spin, ” he told CSO Online.

Why is this happening? Is it a botnet gone wild? Did the user somehow make themselves a spam magnet? No, but they are probably a victim of something far worse-identity theft.

Experts speculate that these types of spam attacks, dubbed Distributed Spam Distractions,  are designed to keep victims of phishing scams and other thefts of personal info from figuring it out. The crooks hope the flood of spam will keep them from seeing the order invoices, balance transfer notices and other evidence of what they’ve been up to. Incredulously, there are also reports of some victims having their phone numbers flooded with calls too, to keep credit card companies and banks from calling or texting with fraud alerts. It kind of smacks of desperation by cybercriminals, who have resorted to the most basic of attempts to cover their tracks long enough to make off with their ill gotten gains.