14 DAY TRIAL // On Tuesday, Cisco identified a massive Canadian pharmacy campaign that apparently relied on the notorious Kelihos botnet to send out a large quantity of spam emails entitled “Only 24 Hours Left to Shop.”
While such spam campaigns are not uncommon, there is one interesting aspect about this one. The spammers are using an old-school technique to make sure a large number of users receive the messages.
Instead of using some method to bypass spam filters, the crooks send out a massive amount of emails. Even if spam filters block out 99.99% of the messages, the remaining 0.01% that reach their destination still represent a considerable amount.
Another noteworthy thing is that the Canadian pharmacy website that’s promoted in the campaign is designed to track the location of visitors and other information.
“They are tracking not only the country where the visitor is from, but there is a site identification number, a ‘heatmap’ cookie, a session identifier which lasts far into the future, and a ‘holiday’ cookie set to the value of ‘usps’. In any case, this pharma gang is definitely intent on tracking their loyal customers and other visitor,” Cisco’s Jaeson Schultz noted.