Sandy Storms Inboxes

Hurricane Sandy, one of the most devastating Superstorms in decades, hit the US East coast. Causing the loss of lives and businesses and leaving countless people without electricity, Sandy has now added spam to its list of misery. We are observing spam messages related to the hurricane flowing into Symantec Probe Networks. The top word combinations in message headlines are "hurricane – sandy", "coast – sandy", "sandy – storm", and "sandy – superstorm."

Figure 1. Message volume over a two-day period

Typical spam attacks like "Gift card offer" and "Money making & Financial" spam are currently targeting the disaster. Below are the screenshots of some spam samples.

The following are examples of subject lines seen in the spam messages:

  • Help Sandy Victims and get $1000 for Best Buy!
  • Sandy Strikes... [WARNING]
  • Deposit Processing Open Today (Frankenstorm doesn't stop us)

Spammers taking advantage of disasters is nothing new. Previously, for example, we witnessed phishing and spam campaigns using the Haiti earthquake as a means of spreading. We anticipate fake news, photos, donation requests, 419 scams, phishing campaigns, and malicious video link attacks will be seen over the coming few days.

We advise users to follow best practices while online. Users are advised to type website addresses directly into their Internet browser for any online video rather than clicking on links contained in emails.

Finally, never donate money or buy products through wire transfer services or similarly untraceable methods of payment. Instead, reach out to the storm victims through legitimate and secure channels.

As always, we will be continuously updating our anti-spam filters to block these emails from reaching users. 

Thanks to Anand Muralidharan for contributing to this blog.