Proofpoint: Security, Compliance and the Cloud

February 02, 2010

Spam Sighting: Google Maps Exploit Being Used to Send Spam

I've seen a few reports of this from random folks on Twitter, but now the Scott Panzer over in the Proofpoint Attack Response Center has confirmed that we have samples of spam messages that appear to be exploiting Google Maps to send spam.

The messages, which have subject lines like "[email address] sent this to you using Google Maps:" followed by some additional (possibly randomized) text, don't contain a link to a Google Map, but instead have a link to a spam payload hosted at imageshack.us.

The image spam payloads advertise old standbys like Canadian Pharmacy (you know, in case you needed a source for "cheap Viagra").

The messages seem to be exploiting a weakness in Google Maps (either an exploit that gets around Google Maps CAPTCHA or an automated way to break Google Maps CAPTCHA) that results in the message being sent from Google servers... Which means that the messages are also DKIM signed as valid Google email.

While we've not seen very high volumes of this sort of spam (yet?), I'm assured by the PARC team that Proofpoint Spam Detection now blocks any of these spam messages that may have been evading detection.

Posted by Keith R. Crosley at 4:41 PM
Anti-spam, Email Security

Technorati Tags: , , , , , , , , ,

Permalink

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a010535f33a5b970c01287756cef3970c

Listed below are links to weblogs that reference Spam Sighting: Google Maps Exploit Being Used to Send Spam:

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Its very awful to know. Insinscere messages were being sent but their only pupose was for spamming.
I hope there could be way to get rid of this spammers. Tahnk you for this valuable information.

Posted by: Armil @ google maps business | March 01, 2011 at 12:34 PM

Verify your Comment

Previewing your Comment

Posted by:  | 

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Archives

Blog Search

Email Security Gateways, 2011

Magic Quadrant

Recent Posts

Blogroll

Tweets

Follow us @Proofpoint_Inc »

What people are saying right now about us.

©2012 Proofpoint, Inc.
threat protection: Proofpoint Enterprise Protection compliance: Proofpoint Enterprise Privacy governance: Proofpoint Enterprise Archive secure communication: Proofpoint Encryption