This is a new spam that has just started showing up in my inbox. A few others seem to have received it. It seems like a non-threatening phishing attempt redirecting clickers to mysearchmusic.com. The destination site seems unharmful at first glance, and acts as a MP3 Search Engine, with Google AdSense.
Here is the content of the message:
From: Facebook <noreply@netlogmail.net>
Subject: Mark Zuckerberg Commented on your Photo
Eva commented on your photo.
Eva wrote:
'wow you look great i like your pic :D '
Reply to this email to comment on this photo.
To see the comment thread, follow the link below:
http://www.facebook.com/n/?photo.php&pid=295038&id=1704181049&mid=2d68770G6593bd39G80875fG9&n_m=
Thanks,
The Facebook Team
___
Find people from your Windows Live Hotmail address book on Facebook! Go to:
http://www.facebook.com/find-friends/?ref=email
This message was intended for. If you do not wish to receive this type of email from Facebook in the future, please follow the link below to unsubscribe.
http://www.facebook.com/o.php?k=d4ba22&u=1704181049&mid=2d68770G6593bd39G80875fG9
Facebook, Inc. P.O. Box 10005, Palo Alto, CA 94303
So, is this a useless spam? There is no direct threat on the landing page. It could be an attempt at promoting ZaiGames.com, which the site uses for redirecting to various MP3 sites. Would it be an attempt at making a few bucks through AdSense?
Nevertheless, I found the subject of this spam really great. After the boom of social media, including The Social Network movie, the name Mark Zuckerberg does ring nicely to people, and it’s bound to attract attention from people receiving the email (‘how’s that possible?’). Clicking on the Facebook notification link has become a habit for so many people who receive dozens of comment notification each day, many will probably click the link without thinking twice. It may actually be among the highest conversion ratios in spam history. And conversion ratios coupled with spam volumes are the two metrics that count when you’re a spammer.
Did you like this spam’s originality? Is this an old one I’ve never seen before? Will the landing page change at some point and include harmful content, trojans, keyloggers or other viruses and threats?
I’ve seen this spam before, linking to likemp3.net , ilymusic.net, mylovemusic.com where the webpages were stuffed full of banking meta keywords, and the page itself was an mp3 search engine.
I’m guessing this is an attempt to build a trust ranking before switching the page to a bank/email/facebook clone page to grab login details.
Interestingly, the registrant of zaigames.com and mysearchmusic.com is also listed as the owner of adsense-sucks.com