Is it just me or are spammers getting lazy?
I ask as the latest trick being used by them, that I’ve seen recently, seems to be to get the recipient <victim> to click on one of two buttons in the spam email. Nothing odd about that right? Normal tactics to get victims to go to a fake or booby-trapped website.
However, this is not the case, and there appears to be no malicious code or links in these, so what does it do when you click on one of the buttons in the email?
If you hover over the button, you will see lots of mailto: links (which will send email to the intended recipient specified), in this case it includes not just one mailto: but usually between 10 and 30! So if you clicked on one of the buttons, it simply sends the same email to a bunch of other email addresses…
Furthermore, It makes no difference which button you select as they both do the same thing!
Here’s an example using Facebook as the spoofed sender, but I’ve also seen ones that use FedEx, Google and a whole load of other well known brands….
And here’s one claiming to be from Google:
Please be careful out there…
Anyone out there have any idea why they are using this technique?