Analysé parJan Lemuel Gonzalvo

As the world mourns the death of rock star icon David Bowie, cybercriminals are quick to leverage this tragic news for their social engineering ploys. Unlike spam runs where one can immediately see such lures in the email subject or attachment, this spam email use hidden keywords about David Bowie in the email’s code. This is done perhaps to evade detection on the system. The email subject also pertains to notable news to trick users into thinking that this is a legitimate email. When unsuspecting users clicked the link in the spammed email, it points to a malicious website.

Figure 1. Email code containing David Bowie keywords

Trend Micro protects users from spam runs such as this by detecting the spam and blocking the malicious URL. We recommend that users remain vigilant and to verify first the authenticity of any email they receive even if it’s from a legitimate source.

 Spam Blocking Date/Time: : 11 janvier 2016 GMT-8
 TMASE
  • TMASE Engine: :
  • Patrón TMASE: atures du moteur TMASE: :22060