Q3 spam and malware trends statistics and analysis
Spam volume returned to record highs in Q3 with fairly steady monthly increases throughout the summer. The acquisition of innocent machines via email and Web-based infections continued in Q3, with over 5,000 new zombies created every hour. The United States continued its role as the largest originator of spam messages, nearly doubling its worldwide share from 16.6% in Q2, 2008 to 32.1% in Q3.
Secure Computing Q3 Internet Threats Report mentions the following key facts related to spam:
ÂÂ
·        Q3 saw the emergence of “Breaking News” spam as a new vehicle that enticed readers to click for breaking news flashes with interesting and provocative headlines.
·        Misguided “Delivery Status Notifications” made a strong resurgence onto the “Most Common Spam” list.
·        Spammers continue to leverage election topics to lure users. After the second presidential debate on October 7th, Obama gained popularity among spammers, and over 80% of election-related spam currently bears his name.
·        Secure Computing’s TrustedSource Labs estimates the number of worldwide U.S. election-related spam email to be approximately 100 million messages per day.ÂÂ
From the malware perspective, the report stresses out:
·        The United States and China dominate the world in the number of hosted Websites which distribute malware, with nearly 60% of all malware-infected URLs served from these two countries. In terms of phishing attacks, the United States and the Netherlands host nearly 60% of all URLs used.
·        Phishing attacks spiked significantly following the announcements of various bank failures in late September. While there was no strong trend towards using any one specific bank or bank failure, overall increases in phishing activity in the days following each major announcement were recorded.
·        Previously, successful SQL injection attacks on legitimate Websites included links directing users to one of a few dozen or so malicious sites. This summer, however, more attacks were launched where each infected page included a link to a unique and individualized malicious site (a 1-to-1 infection/attack ratio).
·        A large increase in the number of heavily promoted phony malware/spyware removers or “scareware” occurred at the end of the quarter. Secure research expects this to be an increasing problem that will rapidly evolve to a greater level of sophistication.