Wednesday, October 8, 2008

Spammer campaign exploits email read receipts

In the past month we have seen a new wave of malicious spam that relies on requests for delivery confirmations of unsolicited emails (http://www.scmagazineus.com/Spammer-campaign-exploits-email-read-receipts/article/119130/). This spam has 3 traps in it.

First, if you read the message and allow images to be displayed, the retrieval of the image will cause your email address to be placed in the spammer's list of valid addresses.

Second, if you delete the email message and don't have "ask me before sending a response" or "never send a response" turned on in your email tracking options (Tools menu), an email return receipt confirmation will be automatically sent to the spammer when you delete the message, verifying the validity of your email address.

Third, if you choose the unsubscribe or opt-out option contained within the email message, you will again cause your email address to be placed in the spammer's list of valid addresses.

This highlights how important it is to disable the email preview option of your email application, especially if you don't block images from being loaded. Additionally, check how your email application handles read receipts/confirmations: you may be telling spammers that they have a valid email address simply by deleting the message, which will invite even more spam.
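
A mail filter or an analyst can check a raw message for all three traps before it is ever opened. The script below is an added example, not part of the original post; the receipt header names it checks, the regular expressions and the sample message are assumptions chosen for illustration.

```python
import email
import re
from email import policy

# Assumed receipt-request headers (the post names none):
# Disposition-Notification-To is the standard read-receipt request (RFC 8098),
# Return-Receipt-To is a legacy, non-standard variant.
RECEIPT_HEADERS = ("Disposition-Notification-To", "Return-Receipt-To")
REMOTE_IMG = re.compile(r'<img\b[^>]*\bsrc\s*=\s*["\']?(https?://[^"\'\s>]+)', re.I)
OPT_OUT_LINK = re.compile(
    r'<a\b[^>]*\bhref\s*=\s*["\']?(https?://[^"\'\s>]+)[^>]*>'
    r'([^<]*(?:unsubscribe|opt[- ]?out)[^<]*)</a>', re.I)

# Constructed sample message (reserved .example domains), not real spam.
SAMPLE = b"""\
From: offers@spam.example
To: user@recipient.example
Subject: Special offer
Disposition-Notification-To: confirm@spam.example
MIME-Version: 1.0
Content-Type: text/html; charset="us-ascii"

<html><body>
<p>Great deals inside.</p>
<img src="http://track.spam.example/o.gif?id=user%40recipient.example" width="1" height="1">
<img src="cid:logo">
<a href="http://spam.example/optout?id=1234">Click here to unsubscribe</a>
</body></html>
"""

def audit_message(raw: bytes) -> dict:
    """Report which of the three address-confirmation traps a message carries."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    found = {"receipt_requests": [], "remote_images": [], "opt_out_links": []}
    for name in RECEIPT_HEADERS:                       # trap 2: receipt on read/delete
        for value in msg.get_all(name, []):
            found["receipt_requests"].append((name, str(value)))
    for part in msg.walk():                            # only HTML parts are inspected
        if part.get_content_type() != "text/html":
            continue
        html = part.get_content()
        found["remote_images"] += REMOTE_IMG.findall(html)    # trap 1: image fetch
        found["opt_out_links"] += [url for url, _ in OPT_OUT_LINK.findall(html)]  # trap 3
    return found

if __name__ == "__main__":
    for trap, hits in audit_message(SAMPLE).items():
        print(trap, hits)
```

Embedded `cid:` images are not reported, since they are carried inside the message and trigger no request to the sender.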