Trustwave Identifies ‘Chameleon’ Spam Campaign, Botnet
Cybercriminals are using a high-volume spam campaign featuring phishing messages with randomized headers and changing templates to attack organizations, according to Trustwave, a Top 200 MSSP for 2019.
The spam campaign, dubbed “Chameleon,” was first identified by Trustwave SpiderLabs researchers on Aug. 14. Chameleon spam messages originated from across the globe and had similar unique email header and body characteristics indicating that they were being sent from the same botnet.
The Chameleon botnet sent out a wide range of spam variants, including:
- Fake Google personal or private messages.
- Fake email account security alerts.
- Fake broken or undelivered email messages from a mail server.
- Fake LinkedIn message and profile view messages.
- Fake FedEx delivery notification.
- Fake airline booking invoice.
Each Chameleon email featured a brief subject line to lure a victim to open the message, Trustwave noted. The email body also was brief to encourage a victim to click on a malicious link, and many of the lure URLs embedded in Chameleon messages consisted of WordPress websites.
How to Guard Against Phishing Attacks
The Trustwave Secure Email Gateway detects and blocks Chameleon emails and other spam campaigns, the company said. This solution offers zero-day protection against phishing, blended and targeted threats, along with business email compromise (BEC) and data loss prevention (DLP) capabilities.
In addition, security awareness training provider KnowBe4 in April released Phishing Reply Test (PRT), a tool that helps organizations determine if their employees will respond to phishing emails. PRT tests employees on common targeted phishing attack scenarios and provides details about the number of employees who fall victim to these attacks.