The Internet community has been pestered with yet another wave of spam mails recently. The new type of spam contains fake membership information and e-cards.
The spammers use two attack vectors if you click on the IP link that is listed in those emails. They try to convince you to download a program called Secure Login Applet which is nothing more than an infected executable named applet.exe and also probe your computer to see if it can be exploited by several known vulnerabilities.
The mails are send out with various subjects such as Internet Dating, Member Details and New Member Confirmation and contain (fake) username and password information as well as a link that is always shown as an IP address. I created a screenshot of one of the messages that I received today, take a look:
I was not able to identify any recurring information used in the header of the emails but fortunately for us the body contains information that are present in every spam mail send out by the spammers up until now.
You always find a link to an IP address in those mails and we can use this information to filter out these emails. I will explain a step by step tutorial on how to setup the filter in Thunderbird, other mail clients should offer a similar functionality.
If you have done everything correctly it should look like the following:
This mail filter makes sure that every mail that contains a link to an IP address will be moved to a folder that you specify. I decided to move the mails instead of deleting them right away because it is theoretically possible that you do receive an IP link in a mail that is not spam.
If you think that this is highly unlikely you can change the move to command into delete to delete the spam mail right away. Let me know if you have any questions or difficulties setting up this filter.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.