Yesterday we highligthed an issue of spam from several different sources that when a user clicked on the included links they were brought to a site with malware on it. Today we have another version of this spam, and they are impersonating Youtube. For our Postini customers we have created a custom filter to block these messages and place them in the Quarantine (in case there are false positives).
Postini Content Filter
- Login to your Postini Administrative Console
- Access the User Org
- Access Content Manager
- Create new custom rule with these parameters
Match: All Rules
Subject Line – Contains Text: Welcome to Youtube
Entire Message – Contains Text: http://lifetimewebaddress.com/amazon.html
Entire Message – Contains Text: lifetimewebaddress.com
Routing: Delete (Blackhole)
Copy to Quarantine: Add Quarantine Address: Recipient
- Hit Save and this filter will be applied. We chose to send it to the Quarantine in case this filter catches any false positives.
Example of Spam Message