While lovers prepare their romantic treats for Valentine’s Day, spammers find it perfect timing to get to work, according to a security expert at leading secure content and threat management solutions developer Kaspersky Lab.
Kaspersky Lab Senior Spam Analyst Maria Namestnikova said in an entry in the official company blog Securelist, that “spammers look for a way to attract the attention of users, for example using in the subject line and in the body of the text of a mail-out message ‘attractive’ words that prompt users to open a message.“
She said the newest of such “attractors” in the spammer world has become the word “coupon”. She explained that this is often simply substituted for the word “discounts” to attract attention to goods and services.
Namestnikova revealed that another promotion tactic that companies use is “coupon spam” where companies put their offerings on a coupon service and then via spam advertise them to try and reach a bigger audience.
However, the security analyst observed that it’s not very effective. “The level of trust in firms which advertise via spam is very low. Plus, users’ annoyance normally only cancels out any advantages from using such methods instead of increasing it,” she said.
Use of coupon services is a completely legitimate method of advertising. But Namestnikova advised against buying deals through discounted coupon saying “coupon services popularity brings with it potential threats of phishing attacks.”
“Phishers can be interested in users who have funds in their accounts with a coupon service — funds which they can spend immediately when an offer takes their fancy,” she said.
Namestnikova shared these three simple rules to avoid falling into the trap of spammers and phishing attacks:
1. Don’t open e-mails from coupon services to which you aren’t registered in. First, this secures you against phishing attacks or mail-outs of malicious code. Second, if a spammer’s e-mail turns out to be simply a commercial offer, you reduce the number of responses, making the work of the spammers less profitable.
2. If in an e-mail from a coupon service to which you are registered asked you to verify your account via a link or to some other way present your login and password – don’t do this under any circumstances. Remember that large organizations never ask you to send your login and password via e-mail. Any such request must be considered as an attempt at stealing your account.
3. If you get a message from a large service stating that you’ve obtained some coupons, when in fact you never ordered any, don’t open the message, and more importantly, don’t download anything via the e-mail. There is a high probability that what you do will be malicious.