Mailboxes are now receiving fake Skype upgrade spam sent from hijacked Rhapsody.com mail servers.
The current campaign arrives as:
Subject: New Skype Has Been Releases ! Upgrade Now
From: “Skype” <email@example.com>
In an interesting twist, the spammers involved appear to have hacked and are in control of Rhapsody.com mail servers as the samples we’ve reviewed so far are actually from:
- mta900.e.rhapsody.com ([188.8.131.52]
- mta902.e.rhapsody.com ([184.108.40.206]
- mta903.e.rhapsody.com ([220.127.116.11]
- mta904.e.rhapsody.com ([18.104.22.168]
- mta905.e.rhapsody.com ([22.214.171.124]
- etc., etc.
The spam email itself is as follows:
New Skype Has Been Releases
This is to notify that new updates have been released for Skype.
Following are major new features :
* Up to 5-way group video call.
* Redesigned calling experience.
* Improved video snapshots gallery.
* Improved browser plugins performance on some websites.
* Reduced false positives on browser plugin phone number recognition.
* New presence icons.
* Improved handling of calling attempts made when the user has run out of credit.
* Improved access to sharing functionality
To download the latest version , go to :
Start downloading the update right now and let us know what you think about it.
We’re working on making Skype better all the time !
The people at Skype
Rather than directing the visitor to a legitimate Skype download site, you’re instead headed to “skype-update-center.com” which is a domain just registered (and suing Russian servers) exclusively for the purpose of this spam campaign.
Domain Name: SKYPE-UPDATE-CENTER.COM
Registrar: REGIONAL NETWORK INFORMATION CENTER, JSC DBA RU-CENTER
Referral URL: http://www.nic.ru
Creation Date: 16-jul-2011
If you visit the links you’ll find yourself at a well designed spam e-commerce page:
The site will offer to sell you Skype software, and also the option to purchase other items of dubious value, including:
Award winning audio recorder for only $14.95 so I can record all my phone conversations.
Award-winning download accelerator” and download up to 300% faster, only $9.95.
If you elect to proceed with any of these offers, (please don’t) you’ll be redirected to a common site used for many fraudulent Internet transactions
Despite having the word “secure” right in the domain name, and offering plenty of assurances that it’s Visa Verified, SSL and as pure as the driven snow, providing your credit card to this sham of a site is a recipe for disaster.
As for the software itself, you can be assured that you’ll be downloading “semi-functional” software that has just enough legitimate appearance and/or function to mask the fact that your computer will be infected into becoming a spam spewing zombie as part of a Russian controlled bot-net.
NOTICE: Campaigns such as these will mutate over time, so the sending servers, exact message and landing spam e-commerce servers may change in the near future. Rest assured, if you receive anything even remotely similar, it’s the same scam.
OnlyMyEmail is an award winning hosted spam filtering service and business email hosting provider. Our enterprise cloud computing anti-spam solution, the MX-Defender, has the highest capture rate of any spam filter ever tested in the VBSpam Challenge, blocking a record setting 99.9993% of all malicious and junk email.
Our Personal spam filtering system is also a Software as a Service (SaaS) solution and has won both the PC World "World Class Award" and also the PC Magazine "Editor's Choice Award."
OME-Kids is a webmail solution that protects children from spam and other harmful emails. OME-Kids offers unique Parental Controls that allow you to choose the level of security and oversight that's right for your child.