This is how spammers make sure they have only valid email addresses

Nov 20, 2013 11:17 GMT

A lot of Typhoon Haiyan-themed spam and scam emails have been making the rounds over the past weeks. Now, experts from Symantec have come across an interesting spam run.

Emails bearing the subject line “Typhoon: After battle to survive, the struggle to live 26488” have been landing in inboxes.

They read something like this: “TACLOBAN – People who clung to power cables or cowered in concrete buildings as an apocalyptic storm blew through the Philippines may have thought they were lucky to live, but for many, the struggle to survive has only just begun.”

The email doesn’t contain links, attachments or other instructions. In fact, the text is taken from an ABS-CBN news article on Typhoon Haiyan. So why are spammers sending out these emails?

According to Symantec researchers, the spam run is part of a Directory Harvest Attack (DHA). These attacks are launched to check whether the email addresses in a targeted email server's directory are valid.

The Non-Delivery Reports received by the spammers tell them which addresses do not exist; the addresses that produce no bounce are presumed to be live. This allows them to make a list of valid email addresses that they can target in future campaigns. DHAs actually represent the intelligence-gathering phase of a large spam run.
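
On the receiving side, a harvest run shows up in mail logs as one source trying many distinct recipients, most of which do not exist. The following detection sketch is an added example, not code from Symantec or the original article; the log format, sample records, thresholds and function names are all assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample records (not real traffic): "ISO-time source-ip recipient result".
# "unknown" means the server has no such mailbox and would bounce the message.
SAMPLE_LOG = """\
2013-11-20T11:00:01 198.51.100.7 alice@example.org unknown
2013-11-20T11:00:02 198.51.100.7 alan@example.org unknown
2013-11-20T11:00:03 198.51.100.7 albert@example.org delivered
2013-11-20T11:00:04 198.51.100.7 alex@example.org unknown
2013-11-20T11:00:05 198.51.100.7 alfred@example.org unknown
2013-11-20T11:00:06 198.51.100.7 ali@example.org unknown
2013-11-20T11:02:00 203.0.113.20 albert@example.org delivered
2013-11-20T11:03:00 203.0.113.20 albrt@example.org unknown
2013-11-20T11:40:00 203.0.113.20 albert@example.org delivered
"""

def parse(line):
    """Split one record of the assumed format into typed fields."""
    ts, src, rcpt, result = line.split()
    return datetime.fromisoformat(ts), src, rcpt.lower(), result

def find_dha_sources(log_text, window=timedelta(minutes=10),
                     min_recipients=5, min_unknown_ratio=0.6):
    """Return {source_ip: (distinct_recipients, unknown_ratio)} for sources that,
    inside a sliding window, try many distinct recipients that mostly do not exist."""
    recent = defaultdict(deque)   # source ip -> events inside the current window
    flagged = {}
    records = sorted(parse(l) for l in log_text.splitlines() if l.strip())
    for ts, src, rcpt, result in records:
        events = recent[src]
        events.append((ts, rcpt, result))
        while ts - events[0][0] > window:
            events.popleft()      # drop events that fell out of the window
        recipients = {r for _, r, _ in events}
        unknown = {r for _, r, res in events if res == "unknown"}
        ratio = len(unknown) / len(recipients)
        if len(recipients) >= min_recipients and ratio >= min_unknown_ratio:
            # keep the widest burst seen for this source
            peak = (len(recipients), round(ratio, 2))
            flagged[src] = max(flagged.get(src, (0, 0.0)), peak)
    return flagged

if __name__ == "__main__":
    for src, (n, ratio) in find_dha_sources(SAMPLE_LOG).items():
        print(f"{src}: {n} distinct recipients, {ratio:.0%} unknown")
```

The second source in the sample mistypes one address among normal deliveries and is not flagged, which is why the check combines a recipient count with an unknown-recipient ratio rather than alerting on any single bounce.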