SurfControl: Key trends for spam in first quarter 2006

Using SurfControl’s Adaptive Threat Intelligence (ATI), SurfControl’s Global Threat Experts have compiled threat trend data for the first quarter of 2006.

In the first quarter of 2006, threat experts found that product and services-related spam showed consistent growth of 16 percent month over month. The increase is partly attributable to Russian and Chinese coverage, where spam can be more generic, such as training courses, shopping and forum sites. The same double-digit growth was seen in phishing and fraud spam attacks.

Additionally, there was a significant rise in the amount of pharmaceutical and finance-related spam, together representing 80 percent of spam volume. Stock-tip embedded spam is still the most prevalent type of spam, claiming 40 percent of all financial spam, with 1,200,000 instances discovered in March 2006 alone. Embedded spam is spam in which the entire message is contained within a graphic, with no extraneous text.

New spammer techniques used to avoid reputation-type services are also noteworthy:

1. Spammers increased the use of free redirection services so that their links score as legitimate with domain reputation technology. Common redirectors include Google.com.

2. In South America and other regions, free hosts such as AOL are being used by spammers to host popular malicious executables and keyloggers.

3. SurfControl also found an increase in remote foreign domain extensions, such as .cc, .sh and .in. Using these extensions increases potential vulnerabilities because not all iterations of these domains may be immediately or easily available globally in WHOIS directories.
