Security Basics mailing list archives
Re: New Spam Technique
From: "Chris Halverson" <darus.integration () gmail com>
Date: Mon, 23 Jul 2007 13:47:02 -0600
This should be more on the shoulders of Adobe to remedy. IMHO On 7/23/07, Wheeler, Eric <EWheeler2 () zebra com> wrote:
I was trying to think of a way to block this but its rather difficult when the email + the subject line + the attachment + the attachment contents are different every time -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Banyan He Sent: Saturday, July 21, 2007 9:41 AM To: WALI Cc: tony barry; Security Basics Forum Subject: Re: New Spam Technique Bad news, that pdf attachment contains the advertisement or the image. Actually, there is no appliance works on this perfectly. The pdf size should be big or small. WALI wrote: > Read, the nuances of catching pdf spam: > > http://www.techworld.com/security/news/index.cfm?newsid=9031 > > ----- Original Message ----- From: "tony barry" <tony () no-bull co nz> > To: "Security Basics Forum" <security-basics () securityfocus com> > Sent: Thursday, July 19, 2007 11:04 PM > Subject: New Spam Technique > > >> Hi List, >> >> We operate several mail servers with catch all accounts and have noticed >> a lot of Mailer Daemon 'delivery failed messages mails from genuine >> sites (mostly German)arriving recently. It would seem the spammers are >> sending out e-mails with a PDF attachment and a forged senders address >> to bogus recipients at these organizations whose mail server rejects the >> message and sends notification to the forged sender. We have opened one >> attachment on an isolated machine and it was one of the 'watch these >> stocks they're going through the roof messages (not exactly sure of the >> details as my German is a bit rusty). My concern is that there could be >> a 'payload' embedded in the PDF. Is this possible? >> >> >> -- >> The Simple Server Company >> PO Box 51528 Pakuranga >> Auckland >> >> 021 413642 09 5768552 >> >> http://www.simpleserverco.com >> >> This e-mail and any attached files transmitted with it are confidential >> and intended solely for the use of the addressees. If you have recieved >> this e-mail in error please inform the sender by sending a reply and >> delete this message. > > -- --------------- Banyan He Email&Web Security MSN: banyan.he () hotmail com Skype: banyan.he Email: banyan () rootong com http://www.rootong.com - CONFIDENTIAL- This email and any files transmitted with it are confidential, and may also be legally privileged. If you are not the intended recipient, you may not review, use, copy, or distribute this message. If you receive this email in error, please notify the sender immediately by reply email and then delete this email.
Current thread:
- New Spam Technique tony barry (Jul 19)
- Re: New Spam Technique Jan Heisterkamp (Jul 20)
- RE: New Spam Technique Nick Duda (Jul 20)
- RE: New Spam Technique Ficks, Andrew (Jul 20)
- Re: New Spam Technique WALI (Jul 20)
- Re: New Spam Technique Banyan He (Jul 23)
- RE: New Spam Technique Wheeler, Eric (Jul 23)
- Re: New Spam Technique Micheal Espinola Jr (Jul 23)
- Re: New Spam Technique Chris Halverson (Jul 23)
- RE: New Spam Technique Ben Greenbaum (Jul 25)
- Re: New Spam Technique Banyan He (Jul 25)
- Re: New Spam Technique Banyan He (Jul 23)
- <Possible follow-ups>
- RE: New Spam Technique Isaac Mbuthia (Jul 20)
- RE: New Spam Technique Chinnery, Paul (Jul 20)