Everything, Everything

Britney Spears Naked
Wednesday 4th April, 2007 12:40
On March 30th, spammers began a campaign whose emails linked to a Russian website promising revealing pictures of Britney Spears (despite the fact that most people can find them using Google). The site contained a script that targeted the Microsoft Windows animated cursor vulnerability, which could officially be patched as of yesterday. At that stage the emails didn't contain graphics (a typical tactic used by stock spam to evade anti-spam software), but cycled their subject lines in an attempt to avoid detection, as shown in a blog entry by Sophos:

2007/03/30 14:21:10 birtney psears nakde
2007/03/30 14:26:58 birtney speasr nkaed
2007/03/30 14:34:04 britnye speras anked
2007/03/30 14:39:20 briteny psears nkaed
2007/03/30 14:40:15 britnye speasr nkaed
2007/03/30 14:40:23 rbitney spaers nakde
2007/03/30 14:40:24 rbitney speras anked
2007/03/30 14:42:48 rbitney speasr nkaed
2007/03/30 14:42:58 britnye speras nkaed
2007/03/30 14:44:16 birtney speasr nkaed
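
Every variant above only reorders the letters inside each word, so a filter that compares sorted-letter signatures sees all ten as the same phrase. The sketch below is an added example, not code from this post or from Sophos; the watch-list and the function names are assumptions made for illustration.

```python
import re

# Assumed watch-list for this campaign; a real filter would load its own phrases.
WATCH_PHRASES = ["britney spears naked"]

def signature(word):
    """Order-independent fingerprint: the word's letters, lower-cased and sorted."""
    return "".join(sorted(word.lower()))

def phrase_signature(text):
    """Tuple of per-word signatures, ignoring punctuation and digits."""
    return tuple(signature(w) for w in re.findall(r"[A-Za-z]+", text))

WATCH_SIGS = {phrase_signature(p): p for p in WATCH_PHRASES}

def match_subject(subject):
    """Return the watch phrase the subject is a per-word anagram of, else None."""
    words = phrase_signature(subject)
    for sig, phrase in WATCH_SIGS.items():
        n = len(sig)
        # Slide a window so the phrase is also found inside longer subjects.
        for i in range(len(words) - n + 1):
            if words[i:i + n] == sig:
                return phrase
    return None

# Subject lines as listed in the post (timestamps dropped).
SAMPLE_SUBJECTS = [
    "birtney psears nakde", "birtney speasr nkaed", "britnye speras anked",
    "briteny psears nkaed", "britnye speasr nkaed", "rbitney spaers nakde",
    "rbitney speras anked", "rbitney speasr nkaed", "britnye speras nkaed",
    "birtney speasr nkaed",
]

def scan(subjects):
    """Pair each subject with the watch phrase it matched (or None)."""
    return [(s, match_subject(s)) for s in subjects]

if __name__ == "__main__":
    # "Quarterly sales report" is a constructed benign subject for contrast.
    for subject, hit in scan(SAMPLE_SUBJECTS + ["Quarterly sales report"]):
        print(f"{'FLAG' if hit else 'ok  '}  {subject}")
```

Signature matching only catches transpositions: a subject that adds or swaps letters, such as the later "Britiney Speers" variant, has a different letter set and needs an edit-distance or phonetic comparison instead.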

Since the initial campaign, the attack has evolved, and now uses subject lines such as "Hot pictures of Britiney Speers" as well as an embedded image of the scantily clad pop star (which links to a malicious website that attempts to use the animated cursor exploit). I must admit, the tactic sounds rather crude, and I can't see myself falling for it, but others might. Just in case, you can view the Sophos blog entry and see a screenshot of one of the spam emails, complete with the scantily clad embedded image. Enjoy!
© Robert Nicholls 2002-2024
The views and opinions expressed on this site do not represent the views of my employer.