Your one-stop web resource providing safety and security information to manufacturers

There is an increase in the amount of hit-and-run spam attacks, researchers said.

Using the Symantec Global Intelligence Network, researchers noticed the increase in these “snowshoe” spam attacks Thursday coming from .club domains.

New Trojan Targets Banks, For Now
New Trojan Starts from Scratch
Ransomware Infections Drop after Takedown
Cybercrime Costs Businesses $445 Billion

In snowshoe spamming, attackers use multiple IP addresses and generic top-level domains (gTLD) – in this case .club – to perform the attacks and thwart detection by spam filters. The Internet Corporation for Assigned Names and Numbers (ICANN) released a list of gTLDs, which are Internet domain name extensions with three or more characters, earlier this year and .club was one of them.

Some of the “From” header lines in the spam messages include “CarClearanceLot,” “CarSavingsEvents,” and “PriceNewCar.”

Schneider Bold

Symantec said in a blog post they are working “with the administrators of the .club gTLD” to “shut down any spam domains” within its zone.

Pin It on Pinterest

Share This