The Deceptive Legitimacy of Spam

newsguy

While, for the average end user, spam has become less of a problem over recent years as spam filters get better at what they do and simply remove much of it from sight, that doesn't mean that spam volumes are actually reducing. In fact, the opposite is true and the actual amount of spam flowing through the Internet is still ridiculously high. What's more, the spammers are becoming increasingly adept at adapting to ongoing trends and exploiting them to get their often unsavoury message across.

According to the latest Internet Threats Trend Report for Q1 2010 to be published by Commtouch Labs, spammers are now well and truly using the familiar to inspire end user action. Indeed, by using the most familiar of Internet names the spammers are able to give a deceptive legitimacy to billions of emails they send. So, for example, you'll find that between five and ten percent of all spam by volume would appear to have originated from some Gmail account or other. That does not, however, mean that the same volume actually emanates from Gmail.

The message style of Gmail, and commonly that of Facebook and PayPal as well, is copied and templated by the spammers, including those with both malware and phishing payloads, in an attempt to use familiarity to bypass human common sense and automated filtering alike. By downplaying the more 'phishy' elements of an email, and playing up the average Gmail message construction instead, spammers hope to evade detection until it is too late.
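The gap between mail that appears to come from Gmail and mail that actually does can be checked on the receiving side. The following is an added example, not code from Commtouch or the report: it flags messages whose From header claims one of the brands named above when no DKIM or SPF pass recorded by the receiving server backs that domain. It assumes the receiving MTA stamps an Authentication-Results header; the authserv-id `mx.example.net`, the helper names and the sample messages are all constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_AUTHSERV = "mx.example.net"  # assumption: authserv-id of our own MTA
WATCHED = {"gmail.com", "facebook.com", "paypal.com"}  # brands named in the article
PASS = re.compile(r"(?:dkim|spf)=pass\b.*?\b(?:header\.d|smtp\.mailfrom)=(\S+)")

def claimed_domain(msg):
    """Domain shown to the reader in the From header."""
    return parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()

def authenticated_domains(msg):
    """Domains our own MTA recorded as passing DKIM or SPF."""
    found = set()
    for header in msg.get_all("Authentication-Results", []):
        authserv, _, results = header.partition(";")
        if authserv.lower().split()[:1] != [TRUSTED_AUTHSERV]:
            continue  # stamped by another host, possibly the sender: ignore
        for clause in results.split(";"):
            m = PASS.search(" ".join(clause.split()))  # unfold the header line
            if m:
                found.add(m.group(1).rpartition("@")[2].lower())
    return found

def borrows_brand(raw):
    """True if From claims a watched brand that no trusted verdict backs up."""
    msg = message_from_string(raw)
    domain = claimed_domain(msg)
    return domain in WATCHED and domain not in authenticated_domains(msg)

# Constructed sample messages (not taken from the report).
GENUINE = """\
Authentication-Results: mx.example.net; dkim=pass header.d=gmail.com;
 spf=pass smtp.mailfrom=alice@gmail.com
From: Alice <alice@gmail.com>
Subject: lunch

See you at noon.
"""
SPOOFED = """\
Authentication-Results: mx.example.net; dkim=none;
 spf=pass smtp.mailfrom=bounce@bulk.example.org
Authentication-Results: gmail.com; dkim=pass header.d=gmail.com
From: "Gmail Team" <no-reply@gmail.com>
Subject: Your account

Please confirm your details.
"""

if __name__ == "__main__":
    print(borrows_brand(GENUINE), borrows_brand(SPOOFED))
```

The second Authentication-Results header in the spoofed sample is one the sender supplied; it is skipped because its authserv-id is not the receiving server's own.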

“Spammers and cybercriminals use experimentation to reach their goals,” said Asaf Greiner, Commtouch vice president, products. “They are always testing new techniques to lure their victims, from using familiar formats and domains to creating entirely new ways to entice action.”

Commtouch’s quarterly trend report is based on the analysis of more than two billion email messages as well as the GlobalView URL database within the company’s cloud-based global detection and classification centres. Reported global spam levels are based on Internet email traffic as measured from unfiltered data streams, not including internal corporate traffic. Therefore global spam levels will differ from the quantities reaching end user inboxes, due to several possible layers of filtering.

The highlights include:

  • Spam levels averaged 83 percent of all email traffic throughout the quarter, peaking at nearly 92 percent near the end of March and bottoming out at 75 percent at the start of the year.
  • Pharmacy spam remained in the top spot with 81 percent of all spam messages, maintaining last quarter’s average, as did the number 2 topic, replicas, which maintained its average of 5.4 percent.
  • An average of 305,000 zombies were activated daily to carry out malicious activity.
  • While Brazil continues to produce the most zombies, its numbers decreased in the first quarter. In Q4 2009, it was responsible for 20.4 percent of global zombie activity. In Q1 2010, that number dropped to 14 percent.
  • The Mal/Bredo malware had 838 variants during the quarter.
  • Sites in the “sex education” and “games” categories topped the list of Web categories likely to host hidden phishing pages.
  • “Pornography” has replaced “business” as the Web site category most infected with malware.
  • In the Web 2.0 sphere of user-generated content, entertainment (music, television, movies, reviews, etc.) is the most popular topic for blog creators.