In a recently spotted spam run, 419 advance fee scammers have taken this approach to another level: they are misusing CNN.com's “Email This” feature.
As an added bonus, they are tying the request (made allegedly by the "financial minister of Syria") with a legitimate article about the volatile situation in that country:
To do this is easy as inserting the email of the victim, the email of the sender, copy-paste the scammy text into the appropriate form, and solve the CAPTCHA:
Perhaps they even managed to get their hands on a tool that fills out part or all of these fields automatically.
"This isn’t the first time we’ve seen them abusing a legitimate Web site’s 'Email This' feature," says Webroot's Dancho Danchev.
"Followed by the most recent abuse of Google Calendar, we’ve also observed 419-ers abusing legitimate Web sites back in 2009 (Dilbert.com and NYTimes.com), and we believe we’ll continue seeing such type of abuse, taking into consideration the fact that 419-ers are constantly seeking for new and pragmatic ways to bypass anti-spam filters."
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.