Spammers follow the path of supertyphoon Haiyan

Spammers follow the path of supertyphoon Haiyan

Megastorm's ground zero in central Philippines – Tacloban – is launching pad of a new large directory harvest attack.

Haiyan’s ground zero - Tacloban, in central Philippines – is the takeoff pad for a new large directory harvest attack (DHA).

Symantec says attack is launched to check the validity of an email directory or emails related to a targeted email server.

The goal is to collect information and prepare a platform to launch a massive spam campaign on that particular site once a database is in place.

Rejected emails return as bounce or non-delivery report/receipt (NDR) and the rest is concluded as legitimate. The valid emails will then be bombarded with a raft of spam, phish and malware laden email.

Related: Phishing attack starts with a 'cold call'

Symantec says the email’s structure is very simple. The headers and body content are taken from a news article of a reputed news channel that was published around 14 November 2013. The alias in the From line and the subject line contain randomisation at the end to prevent being caught by the spam filter detection.

Symantec advises users to configure directory harvest attack recognition to protect their website, and to update their spam filter algorithms to repel these attacks.

Related: Vodafone NZ provides support for Philippines

Follow Divina Paredes on Twitter: @divinap

Follow CIO New Zealand on Twitter:@cio_nz

Sign up for CIO newsletters for your regular updates on CIO news, views and events.

Join us on Facebook.

Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags cybercrimedisaster recoveryphishingemailBusiness ContinuityPhilippinesspammerTaclobanDirectory harvest attackHaiyan

More about FacebookSymantecTwitterVodafone

Show Comments