Symantec’s May 2009 MessageLabs Intelligence Report has recorded a rise in spam levels of 5.1% over the previous month. This puts spam levels at 90.4% of all corporate email – what’s behind this spike?
Spammers work by US clocks
MessageLabs Intelligence research shows that spammers are predominantly active during the US working day, and may be indicative of the fact that the most active spammers are either based in the US or find the US workforce the most likely targets. Spammers are finding this large target audience that’s online and more likely to respond as being very profitable for their nefarious activities.
Webmail and links to social networks pose a big threat
The US workforce also spending time on webmail and on popular social networks are aiding this increase in spam. Active profiles on social networks are goldmines for spammers to lure unsuspecting users. All spammers use is a subject line and a valid hyperlink to active profiles on one of a number of major social networking sites. These emails originate from legitimate addresses on some of the main webmail providers making them harder to catch by regular anti-spam filters.
Spammers are creating webmail accounts and profiles on social networks in massive quantities using automated CAPTCHA-breaking tools. A new harder to crack CAPTCHA technology is on the horizon and spammers want to maximize their profits before this new breed of CAPTCHAs are let loose as a deterrent to spammers and phishers. Some major sites are already investigating alternatives to the traditional CAPTCHAs with swirling letters and numbers and are starting to use images and riddles instead.
Botnet activity is the main culprit
Around 57.6% of spam was sent from known botnets around the world. The most active botnet – Donbot – is responsible for 18.2% of spam and is most active in Asia. Rustock and Bagle – together responsible for over 20% of spam – are heavily based in the Americas. Notorious botnets Cutwail and Xarvester continue to target the rest of the world with over 10% of spam, combined.