It's all too easy to think that spam is an old problem, and one that has largely been dealt with. Certainly, many people will tell you that they see very little evidence of spam in their mailboxes. This, however, has less to do with the demise of the spammer and everything to do with the effectiveness of spam filters.

The latest Kaspersky Lab analysis of the spam and phishing threat landscape for the first quarter of 2015 suggests that some 59.2 per cent of email traffic was actually spam, which is good news in as far as that number is six percentage points down on the previous quarter. It's also a pretty good reflection of my own incoming email, which currently sits on around 55 per cent spam. Not that I see it unless it's that time of the month when I pay my spam folder a visit to check for false positives, and they are rarer than rocking horse poop these days.

Interestingly, it seems that the raft of new generic top-level domains (gTLDs) such as .work or .science for example, have provided an impetus for the spammers. Kaspersky suggest that "new domain zones almost immediately became an arena for the large-scale distribution of advertising spam, phishing and malicious emails." Indeed, according to Kaspersky Lab’s email traffic analysis there was "a considerable increase" in the number of new domains that sent out spam content in Q1 2015. The spammers are targeting these new domains specifically as well, so .work domains get lots of household maintenance, construction or equipment installation spam whereas, to continue with our examples, the .science spam is largely distance learning and college training course oriented.

One thing that has remained fairly constant is the construction of the typical spam message. This includes the sparse use of visible text, often just a header which is repeated in the message body, along with a link or links loading an attention grabbing image containing the advertising data and another link (usually a long and often obfuscated one) leading to the advertised resource itself. Spammers also make good use of 'white noise padding' where random words or phrases, often in a language other than that used for the email body, are composed in white on a white background to be hidden from the reader but seen by anti-spam filters as indicative of a proper email rather than a junk one.

A final word of warning, spam is still being used for the distribution of malware; this has not changed. The countries being targeted by such 'malicious mailshots' are changing though, and the Q1 Kaspersky Lab report reveals that the UK is top of the list with Brazil second and the USA in third place. Germany, which used to head the target list, has dropped down to fourth place overall, followed by Italy, Australia, India, Turkey, France and Russia.

The full 'Spam and Phishing in the First Quarter of 2015' report can be found here.

About the Author

A freelance technology journalist for 30 years, I have been a Contributing Editor at PC Pro (one of the best selling computer magazines in the UK) for most of them. As well as currently contributing to, The Times and Sunday Times via Raconteur Special Reports, SC Magazine UK, Digital Health, IT Pro and Infosecurity Magazine, I am also something of a prolific author. My last book, Being Virtual: Who You Really are Online, which was published in 2008 as part of the Science Museum TechKnow Series by John Wiley & Sons. I am also the only three times winner (2006, 2008, 2010) of the BT Information Security Journalist of the Year title, and was humbled to be presented with the ‘Enigma Award’ for a ‘lifetime contribution to information security journalism’ in 2011 despite my life being far from over...

Pretty much what I see in my mailbox, though I rarely if ever see malware.
I do see a LOT of fake "job offers" and phishing scams for bank account data, the former especially has gone up from a few percent to almost a quarter of all spam I get, almost completely replacing advertising fake/illegal internet gambling sites.

The spam pilfering illicit pharmacies (usually viagra but also other prescription drugs) seems to have almost completely disappeared as well.

I expect a lot of the phishing sites also host malware. If they put mailware in the email, it's likely to be blocked. If they can trick you into going to their site, why not try to infect you while you're there? If they can install a keylogger on your machine, they can get your data even if you decide not to give it to them.

That's why I never click on links in unsolicited emails - even though my computer is pretty well locked down, why push your luck?

Spam has become a total pain for me! I like many, have several email accounts and lately I've been plagued with 600+ spam email each day!!

Many of the emails are pointless ads, many are phishing, one things for sure - I'm fed up with them!