Spam Evolution: July – September 2007: Summary

Kaspersky Lab, a leading developer of secure content management systems, has released its latest quarterly report on the evolution of spam. The report states that in the third quarter of 2007, spam on the Russian Internet accounted for an average of 79% of all mail traffic. The quarterly low was 68.1% (6th September) and the quarterly high was 89% (2nd September).

The leading spam categories in the third quarter of 2007 were:

  • Medications, health related goods and services (28.5%)
  • Computers and the Internet (10.5%)
  • Education (9.6%)
  • Travel and tourism (7.8%)
  • Electronic advertising services (6.6%)

The composition of the top five spam categories remains the same except for one detail: the computer fraud and electronic advertising services categories switched places, putting the latter in fifth place with 6.6% of all mail traffic. The medications and health related goods and services category increased 8% from the second quarter of 2007 and has now doubled the figures shown by this type of spam in the first quarter of the year. This rapid growth was triggered by mass mailings advertising Viagra.

In June, spammers came up with a new way of bypassing spam filters to deliver images: attaching the images as PDF files. As Kaspersky Lab analysts predicted, the use of PDF-format spam petered out fairly quickly. In July we saw the arrival of investment spam messages with ZIP archive attachments, and in August spammers began sending messages with FDF format attachments. In September, spammers again attempted to revive a tactic that became well known in 2003: sending simple plain-text email messages in which certain letters are replaced with non-alphanumeric symbols, and the letters in keywords are separated by non-alphanumeric symbols.
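The September tactic described above can be caught on the filtering side by matching each keyword with a pattern that tolerates symbol substitutions and symbol separators. The Python sketch below is an added example, not taken from the Kaspersky Lab report; the lookalike table, function names, keywords and sample messages are all constructed for illustration.

```python
import re

# Constructed lookalike table (an assumption for this sketch; a production
# filter would maintain a much larger, data-driven table).
LOOKALIKES = {"a": "@", "c": "(", "e": "€", "i": "!|", "l": "|", "s": "$", "t": "+"}

# Up to three non-alphanumeric symbols may sit between two keyword letters.
# Whitespace is excluded so a match cannot span ordinary word boundaries.
SEP = r"[^A-Za-z0-9\s]{0,3}"


def keyword_pattern(keyword):
    """Build a regex matching `keyword` with symbol substitutions and separators."""
    parts = []
    for ch in keyword.lower():
        # Each position accepts the letter itself or one of its lookalikes.
        parts.append("[" + re.escape(ch + LOOKALIKES.get(ch, "")) + "]")
    body = SEP.join(parts)
    # The match must not be embedded inside a longer alphanumeric token.
    return re.compile(r"(?<![A-Za-z0-9])" + body + r"(?![A-Za-z0-9])", re.IGNORECASE)


def find_obfuscated(text, keywords):
    """Return (keyword, matched_text) pairs for obfuscated spellings only.

    A plain spelling is skipped: the deliberate obfuscation is the signal,
    because legitimate mail has no reason to write a word this way.
    """
    hits = []
    for kw in keywords:
        for m in keyword_pattern(kw).finditer(text):
            if m.group(0).lower() != kw.lower():
                hits.append((kw, m.group(0)))
    return hits


if __name__ == "__main__":
    # Constructed sample subject lines, not real captured spam.
    samples = [
        "Buy V.I.A.G.R.A today",
        "cheap v!@gra now",
        "hot in*vest_ment tip",
        "Our viagra study and investment review",  # plain text: no hit
    ]
    for line in samples:
        print(line, "->", find_obfuscated(line, ["viagra", "investment"]))
```

Building the tolerance into the pattern, rather than stripping symbols first, avoids the ambiguity of a character such as `!` that may be either a separator or a stand-in for a letter.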

Also in the third quarter, spammers implemented the use of flash mailings – mass mailings which are conducted in just 15-30 minutes. Spammers are clearly counting on spam filters not being able to detect and combat threats within such a short period of time.

Most flash mailings are English language advertising for a variety of Viagra-type medications. Russian-language spam advertising other goods and services is also sent using this technology, but is much less common.

Despite an official drop in the share of fraudulent emails in all spam (from 9% in 2Q2007 to 5.3% in 3Q2007), the criminalization of spam continues. Such spam typically advertises counterfeit and unlicensed goods. As far as spam in the computer fraud category is concerned, Nigerian (a.k.a. 419) scams, fake notifications of lottery winnings and phishing emails still make up the majority of emails in this category. The report also notes that despite a decrease in the volume of this category, scammer attacks are becoming targeted, and consequently more of a threat.

Spammers who send 419 scam messages turned their attention to Russian-language dating websites in the third quarter of 2007. Users who set up a profile on these websites risk receiving touching messages from alleged would-be partners; messages which ask the recipient for assistance in releasing millions of dollars. These fool gullible victims into forking over thousands of dollars in initial expenses.

Increased Russian-language phishing activity was also detected in the third quarter of the year. In particular, in summer we saw attacks against users of Mail.ru email, WebMoney and the Yandex.Dengi system. In late summer and early autumn, phishers conducted several targeted attacks on corporate users of the Russian Internet, specifically clients of Alfa Bank.

In late summer and early autumn, spammers traditionally become more active and test new spamming tactics and technologies. As a rule, this is the period during which spamming trends for the next 12 months are defined. The quarter's data leads Kaspersky Lab to expect an increase in the volume of spam and in the speed at which mailings are sent, new experiments with graphical spam, and more activity by phishers and Internet scammers on the Russian Internet.

The full version of the report can be found on Viruslist.com.

Copyright © 1997 - 2009 Kaspersky Lab.