Youtube Spam with Malware Links

Yesterday we highligthed an issue of spam from several different sources that when a user clicked on the included links they were brought to a site with malware on it. Today we have another version of this spam, and they are impersonating Youtube. For our Postini customers we have created a custom filter to block these messages and place them in the Quarantine (in case there are false positives).

Postini Content Filter

  1. Login to your Postini Administrative Console
  2. Access the User Org
  3. Access Content Manager
  4. Create new custom rule with these parameters
    Match: All Rules
    Subject Line – Contains Text: Welcome to Youtube
    Entire Message – Contains Text: http://lifetimewebaddress.com/amazon.html
    Entire Message – Contains Text: lifetimewebaddress.com
    Routing: Delete (Blackhole)
    Copy to Quarantine: Add Quarantine Address: Recipient

  5. Hit Save and this filter will be applied. We chose to send it to the Quarantine in case this filter catches any false positives.

Example of Spam Message

MxToolbox has partnered with WebRoot to offer Web Filtering to protect your network from attacks through the web browser. For more details on the protection that this program can offer, go here.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s