Cybercriminals Use David Bowie as Keywords in Spam

 Analysis by: Jan Lemuel Gonzalvo

As the world mourns the death of rock star icon David Bowie, cybercriminals are quick to leverage this tragic news for their social engineering ploys. Unlike spam runs where one can immediately see such lures in the email subject or attachment, this spam email use hidden keywords about David Bowie in the email’s code. This is done perhaps to evade detection on the system. The email subject also pertains to notable news to trick users into thinking that this is a legitimate email. When unsuspecting users clicked the link in the spammed email, it points to a malicious website.

Figure 1. Email code containing David Bowie keywords

Trend Micro protects users from spam runs such as this by detecting the spam and blocking the malicious URL. We recommend that users remain vigilant and to verify first the authenticity of any email they receive even if it’s from a legitimate source.

 SPAM BLOCKING DATE / TIME: January 11, 2016 GMT-8
  • PATTERN:22060