Analysis by: Emmanuel Nisperos

Pharmaceutical spam isn't necessarily a malicious type of spam, but there exists the potential for them to lead to malicious or scam sites, so we always advise users to keep clear of them. This time is no different, as we spotted a new batch of samples that purported themselves to be urgent notifications from sites of general interest, such as Facebook, Youtube and Instagram. All of them were formatted to resemble the notification they were aping, and sported different embedded links, but they all lead to the same landing page - a pharmacy website. Other samples we found related to this particular spam campaign imitated notifications from eBay and Amazon as well.

Users should always keep in mind that spam, no matter where it leads to, should always be treated with suspicion, and must be deleted immediately.

Trend Micro products blocks all the samples related to this spam campaign.
 SPAM BLOCKING DATE / TIME: 18 February 2014 GMT-8
 TMASE
  • TMASE Engine: 7.5
  • TMASE Pattern: 0512