March 2009 threat forecast: from coupons to World Cup

A new MX Logic Threat Forecast was just released and here are the highlights.

Coupon caution

Given the ongoing economic climate and some recent, successful spam campaigns by Waledac, we expect even more spammers to try and take advantage of people trying to save money. Thus far, popular lures have been money-saving coupons or advertisements for fake jobs. Be on alert for even more of these type of malicious messages in March.

Conflicted about conficker

The biggest wildcard in the internet security world is the massive Conficker botnet. Full activation of this botnet for spam purposes would easily push spam volumes up to or beyond where they were prior to the McColo shutdown last year. However, for now, it appears that this botnet remains mostly in test mode, carefully releasing new variants and trying new techniques in an attempt to make it more resilient. How long it will remain dormant is anyone’s guess, but a large-scale spam attack from Conficker is clearly a matter of “when” and not “if”.

New botnet gang on the prowl

The upcoming Easter holiday and St. Patrick’s Day are likely next targets for the new Waledac botnet gang, who are believed to be the same group responsible for the now infamous Storm botnet. Since re-emerging in late 2008, the Waledac botnet has initiated a series of malicious spam attacks, most recently sending a serious of malicious messages socially engineered around Valentine’s Day. Users should be extra wary of any suspicious-looking holiday email from an unknown sender prompting them to visit a website.


The 2010 World Cup will be held in South Africa and FIFA just announced that the first phase of ticket sales has begun. Since the World Cup is the largest sporting event in the world, MX Logic expects a rash of spam campaigns similar to the World Cup themed outbreaks we saw in May 2005. It is still early in the sales process, but as demand for tickets increase, so too will the amount of spam.

Don't miss