Cisco Talos researchers have spotted Hailstorm spam tactics used to evade cyber defenses and spread malware via phishing attacks.
Rather than send large volumes of mail for large periods of time, hailstorm campaigns send larges bursts of spam over very short periods of time, according to a Dec. 19 blog post. The spam is sent via IP addresses located around the world with the intent of flying under the radar with respect to any reputation or volume-based metrics that could be applied by anti-spam systems.
Researchers said that although these types of campaigns are generally more of a nuisance rather than a threat, the spam distributed via the campaigns can result in drive-by downloads, business email compromises, fraud and identity theft.
Most of the earlier campaigns detected were initially used to advertise supposed home-surveillance systems, flashlights, dietary supplements and all sorts of items “as seen on TV” products.