Analysis byMark Christian Aquino

With the boom of messaging apps, it's inevitable that cybercriminals will hop on the bandwagon and take advantage of the craze for their own ill-gotten purposes. This has been proven true, as we've received samples of spam messages purporting themselves to be official notifications from popular messaging app LINE.

These spam messages provides IDs that can be used by messaging apps, especially the messaging app LINE to search for people with the corresponding ID.

At first look, these spam emails seems to be completely different from each other but actually follows a simple format and the variations among the emails are quite minimal.

These emails encourage users to click on a link that supposedly leads to a forum website, where they can find their old friends and meet new friends. Should users go ahead and click on the link, they are instead lead to a dating site website instead.

While there is nothing inherently malicious about this spam campaign, it should be known that the cybercriminals behind this spam campaign could've easily linked to a malicious site instead of the forum. Therefore, we advise users to purge spam immediately from their mailboxes.

All the spammed mails and their variants, along with their embedded URLs and all other elements related to this spam campaign is detected and blocked by the Trend Micro™ Smart Protection Network™.
 SPAM BLOCKING DATE / TIME: 21 de lutego de 2014 GMT-8
 TMASE
  • TMASE Engine: :
  • Patrón TMASE: :0520