October 7, 2008 By News Report
Researchers from BitDefender have detected a new wave of spam messages that use a mix of "read receipts" and "unsubscribe" links to trick users into verifying the targeted e-mail addresses are valid and active. The spam campaign advertises medication for sex life improvement, such as male enhancement drugs, and when the user clicks the "unsubscribe" or "opt-out" link, it verifies for the spammer the e-mail address is valid and active, allowing the user to receive additional spam. The "read receipt" is used in a similar fashion. Under normal circumstances a "read receipt" confirms the user had received and read the message. When a spammer adds a "read receipt" to a message and the user clicks on it, it simply proves the e-mail address is legitimate and active.
To keep a system spam-free, users should adhere to the following guidelines:
"Users should be aware that without the appropriate security solution, the integrity of their systems is at an extremely high risk," said Vlad Valceanu, head of BitDefender's anti-spam research. "This new 'read receipt' and 'unsubscribe' spam campaign is causing a high rate of infections and proving once again the cyber-criminals' ingenuity and the increased sophistication of spamming methods."
You may use or reference this story with attribution and a link to