Analysis by: Cedrick Ramos

Cryptocurrency is the hot new topic nowadays, so it is no surprise that cybercriminals are starting to use it as a way to get users to click on their malicious spam mail. For the past few days, we have seen an increase in the number of cryptocurrency-related spam emails.

These spam mails use the pump-and-dump technique in delivering their contents. Pump-and-dump refers to investment schemes that aim to publicize and promote a certain stock by using exaggerated statements to artificially increase its price through higher demand.

The spam emails come in numerous variants. Some arrive as plaintext emails, while others arrive with possibly malicious URLs in the text body. We can also observe that the senders of these spam mails are somewhat random. Notably, the most popular variants refer to Bitcoins and Swisscoins in their mail content.

This rise in cryptocurrency-related spam emails can be attributed to the fact that more and more people are getting interested in these cryptocurrencies. These spam emails do not pose malware-related threats. However, they can and do flood victims' mailboxes, which can be a source of inconvenience.

All aspects of this particular spam campaign are blocked by Trend Micro solutions.

SPAM BLOCKING DATE / TIME: January 17, 2018 GMT-8
  • ENGINE: 8.0
  • PATTERN: 3600