Well, it had to happen sooner or later… After trying this a little over a year – uhh, make that TWO years ago (maybe I should get an editor, huh? see, for example, this BusinessWeek note on the original mp3 spam campaign and other attachment-based spam), we’re seeing a new spam campaign today promoting “CHEAP VIAGRA” via an mp3 file.

In this case, a computer-generated female voice recites the URL the spammer wants you to visit (it’s similar to www.775**.net, but I’ve bleeped that out – I really don’t want you to visit that URL), embellished by what I’m going to call “heavy breathing.” In case the recipient doesn’t get the point, title tag metadata in the mp3 file reiterates the URL and the availability of the aforementioned cheap viagra.

Play the video file above to hear the expurgated audio clip.

The mp3 file itself comes as an attachment with a one-word randomized filename (e.g., “flossing.mp3″) to make it more difficult for anti-spam solutions to detect. The botnets that are used to send this sort of spam can easily make each message unique.

Proofpoint’s attachment-based spam detection capabilities automatically blocked the vast majority of these messages when the attack first launched and, after a little adjustment by the team at the Proofpoint Attack Response Center, even the liminal cases should now be blocked.

This particular campaign is quite a bit more amusing than last year’s penny stock pitch mp3 spam. I wonder: Should we hold a remix competition for this one?