Another so called social engineered email spam wave appears to be unleashed.
The email subject has a catchy phrase and --when opened-- the spammer provides a link to a fake youTube video. But the youTube link is actually an dotted address that will point to an site where the spammer wants to take the receiver.
Here is an example ot the teasing email subjects --designed to take advantage of natural human curiosity:
- are you kidding me? lol
- HAHAHAHAHAHA, man your insane!
- Dude dont send that stuff to my home email...
- Who is that your with? lol
- LMAO, your crazy man
And under the apparent youTube link that the spammer provides, lurks a totally different site than youTube's. Here is a sample of the actual bare dotted addresses faking the youTube link:
- 67.182.23.128
- 74.130.110.231
- 89.252.7.113
- 82.237.221.10
- 74.114.107.211
- 82.3.102.131
Below is a sample of the written strategies that the spammer will use to drag the receiver to click on the fake youTube link:
- If your mom sees this she this video of you she is gonna freak. see for yourself...
- You need to take this offline, it is in everyones email. :-( this is the link to it.
- If your dad see this video you made, he is gonna kill you. this is the link to it.
- LMAO, I cant believe you put this video online. Everyone can see your face there. LOL take a look, lol...
If possible, open dubious emails that you receive with a text editor so as to remove the formatting by your email applications. By doing so you will effectively be "looking under the hood" of your emails and verifying if the formatted email content matches what you will read in your text editor.
...and the copy-cats scammers that usually follow close behind:
those attempt to entice the receiver to watch an as yet unreleased video to their (also) dotted decimal address (but without the youTube format coverup) with a variant of the above email subject:
- your gonna love this, lol
With an dotted address where the scammer might infect the receivers' machine:
- 74.77.183.119
And with the email body message that may prove irresistible for the receiver since the latter will be "honored" by previewing an "unreleased" video:
- See it before the video is released. Follow the link to get the video:
Once again, if in doubt (sometimes the subject will mention a family, business partner, neighbor, etc.) do not click on the links. If tha latter is disregarded then, once at the scammer provided site, your machine might be infected with an unpatched vulnerability.
You might also use the technique mentioned previously --that is, download the email message into a temporary location and open it with a text editor.