April threat forecast: Most prevalent spam and malicious messages

A new MX Logic Threat Forecast was released and here are the highlights.

Conficker
Given all the recent media attention surrounding the Conficker botnet, it’s not entirely surprising that nothing really happened on April 1st. However, spammers are a tricky bunch and know that the massive attention will subside and that users will eventually let their guards down again. But don’t be fooled. With the April 15th US Tax Deadline and Easter Holiday fast approaching, it’s very possible that Conficker could launch a large-scale attack in April. Keep your guard up.

Scams
Healthcare scams remained the most prevalent spam messages overall, although there was an increase of emails with only a single image in the body used to promote products from fraudulent pharmacies. In addition, the Waledac gang continued to make their presence felt in March, using a highly impactful bomb scare tactic. As in previous campaigns, Waledac used Geo-IP functionality, making the malicious message appear frighteningly more real since it localized the message to the email recipient.

Social networking sites used as bait
As mentioned in previous reports, social networking sites are increasingly being used to lure people into downloading malicious content. One popular ploy in March claimed to be a message sent from facebook.com and classmates.com. The message purported to include a link to an “adult” video of a “friend” named Amanda. Of course, this was simply an attempt to trick users into downloading malicious malware.