It's all too easy to think that spam is an old problem, and one that has largely been dealt with. Certainly, many people will tell you that they see very little evidence of spam in their mailboxes. This, however, has less to do with the demise of the spammer and everything to do with the effectiveness of spam filters.

The latest Kaspersky Lab analysis of the spam and phishing threat landscape for the first quarter of 2015 suggests that some 59.2 per cent of email traffic was actually spam, which is good news in as far as that number is six percentage points down on the previous quarter. It's also a pretty good reflection of my own incoming email, which currently sits on around 55 per cent spam. Not that I see it unless it's that time of the month when I pay my spam folder a visit to check for false positives, and they are rarer than rocking horse poop these days.

Interestingly, it seems that the raft of new generic top-level domains (gTLDs) such as .work or .science for example, have provided an impetus for the spammers. Kaspersky suggest that "new domain zones almost immediately became an arena for the large-scale distribution of advertising spam, phishing and malicious emails." Indeed, according to Kaspersky Lab’s email traffic analysis there was "a considerable increase" in the number of new domains that sent out spam content in Q1 2015. The spammers are targeting these new domains specifically as well, so .work domains get lots of household maintenance, construction or equipment installation spam whereas, to continue with our examples, the .science spam is largely distance learning and college training course oriented.

One thing that has remained fairly constant is the construction of the typical spam message. This includes the sparse use of visible text, often just a header which is repeated in the message body, along with a link or links loading an attention grabbing image containing the advertising data and another link (usually a long and often obfuscated one) leading to the advertised resource itself. Spammers also make good use of 'white noise padding' where random words or phrases, often in a language other than that used for the email body, are composed in white on a white background to be hidden from the reader but seen by anti-spam filters as indicative of a proper email rather than a junk one.

A final word of warning, spam is still being used for the distribution of malware; this has not changed. The countries being targeted by such 'malicious mailshots' are changing though, and the Q1 Kaspersky Lab report reveals that the UK is top of the list with Brazil second and the USA in third place. Germany, which used to head the target list, has dropped down to fourth place overall, followed by Italy, Australia, India, Turkey, France and Russia.

The full 'Spam and Phishing in the First Quarter of 2015' report can be found here.

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.

Pretty much what I see in my mailbox, though I rarely if ever see malware.
I do see a LOT of fake "job offers" and phishing scams for bank account data, the former especially has gone up from a few percent to almost a quarter of all spam I get, almost completely replacing advertising fake/illegal internet gambling sites.

The spam pilfering illicit pharmacies (usually viagra but also other prescription drugs) seems to have almost completely disappeared as well.

I expect a lot of the phishing sites also host malware. If they put mailware in the email, it's likely to be blocked. If they can trick you into going to their site, why not try to infect you while you're there? If they can install a keylogger on your machine, they can get your data even if you decide not to give it to them.

That's why I never click on links in unsolicited emails - even though my computer is pretty well locked down, why push your luck?

Spam has become a total pain for me! I like many, have several email accounts and lately I've been plagued with 600+ spam email each day!!

Many of the emails are pointless ads, many are phishing, one things for sure - I'm fed up with them!