Youtube Spam with Malware Links

Yesterday we highligthed an issue of spam from several different sources that when a user clicked on the included links they were brought to a site with malware on it. Today we have another version of this spam, and they are impersonating Youtube. For our Postini customers we have created a custom filter to block these messages and place them in the Quarantine (in case there are false positives).

Postini Content Filter

  1. Login to your Postini Administrative Console
  2. Access the User Org
  3. Access Content Manager
  4. Create new custom rule with these parameters
    Match: All Rules
    Subject Line – Contains Text: Welcome to Youtube
    Entire Message – Contains Text:
    Entire Message – Contains Text:
    Routing: Delete (Blackhole)
    Copy to Quarantine: Add Quarantine Address: Recipient

  5. Hit Save and this filter will be applied. We chose to send it to the Quarantine in case this filter catches any false positives.

Example of Spam Message

MxToolbox has partnered with WebRoot to offer Web Filtering to protect your network from attacks through the web browser. For more details on the protection that this program can offer, go here.

Leave a Reply