Dynamoo's Blog

Another day, another spam campaign leading to the Blackhole Exploit Kit. Date:      Wed, 7 Dec 2011 08:33:03 +0000 From:      "::Bet...

An interesting twist on malware spam: Date :      Tue, 6 Dec 2011 10:19:25 +0530 From :      "MARIE Grover" [victimname@hotmail...

I don't know what has been going on with spam for the past couple of weeks, but there has been a tidal wave of the same old spam hammeri...

There's nothing particularly new with this IRS spam, but because spammers are stupid , all the examples that I have seen today have an i...

This scam has been around for a while, it's part of a nasty cluster of scam sites that have an Australian connection . The spam comes ...

What's wrong with this spam? Date :      Thu, 1 Dec 2011 17:55:30 +0900 From :      "LinkedIn" [linkedin@em.linkedin.com] ...

Another fake job domain, working-ca.com seems to be part of this long-running scam . I hadn't spotted this one before, so thanks to our...

Here are two new domains promoting fake jobs: jobinhollandart.com and europjobs.eu This series of emails seems to be different from this ...

Some of the recent surge of spam emails going around uses a set of .ru domains with a discernible pattern of b*redret.ru. Blocking these a...

Another virus-laden email, technically very similar to this one yesterday : Date: Wed, 23 Nov 2011 08:28:46 +0700 From: Saffi@victimdoma...

Here's a piece of fairly clever social engineering: Date:      Tue, 22 Nov 2011 12:48:52 +0200 From:      "LILLIE Stinson" ...

Yet another ACH / NACHA / whatever scam email, they go something like this: Date:      Tue, 22 Nov 2011 10:42:43 +0100 From:      "Th...

Here's a fake Firefox upgrade message circulating by email: From: Mozilla Firefox [mailto:firefox-update@plrja5f2.fireefox.com] Sent:...

Only a real idiot would send spam to a spamcop.net address. Here is a real idiot: From: Rock Cruit Management 3dhgubesch@hochrather.at R...

Following on from yesterday's post , there have been many, many more of these emails with slight variations, presumably ending up with a...

I'm not sure if these three incidents are all related or are just using the same approach, but here goes. Date :      Mon, 14 Nov 2011...

This is a pretty common virus laden email: Subject: ACH Transfer was not accepted by our bank Dear Bank Account Operator, I regret to ...

If you work in IT Security, you'll probably remember the names EstDomains and EstHost, part of a criminal organisation called Rove Digit...

193.106.174.220 and 91.194.214.66 and are a pair of IP addresses that appear to be involved in injection attacks, possibly distributing the ...