On Thu, 12 Apr 2007 16:22:03 -0400 <[EMAIL PROTECTED]> wrote: > Well, the email address associated with that article just received > an Arizona State Credit Union phish. It had never received one of > those before. > > Man, spammers are predictable and funny.
One trend I've noticed recently is that spammers appear to be tailoring the subject headers to individual recipients. I'm not talking about the crap where they stick your name in the subject, it seems they're getting much more specific, and perhaps tracking where they picked up an email address to begin with and which sort of subject lines might pique the recipient's interest. I receive a lot of spam where I glance at the subject - even if SA has tagged it - and actually have to wonder whether or not it's a legit message, because the subject is relevant to my interests. A quick example, Subject: The Redirect requests to SSL port option allows you to redirect requests to the specified SSL port. I do a lot with SSL, so naturally I opened up that email just to see what the heck they're on about. Of course it turns out to be a stock spam for CYTV. But I get a lot of spam now with unix-ish, programming, or other geek related subject lines that I have to take a look at because they _could_ be legit. This phenomenon - spam with subjects that would be on-topic for mailing lists I subscribe to, or even random communications from folks - seems to be a fairly new thing over the past couple of months. It's as if some spammer has actually built a database to correlate emails with where they found them, in order to guess at subject lines that might be more tempting. Anyone else seeing this trend? I'd be curious especially to see whether or not they're "targeting" folks in non-IT roles. For example, do we have any veterinarians on the list who get stock spam with subjects related to animal husbandry? -s _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
