Marshal8e6 TRACElabs reported in their mid-year security report last week that spam volumes were up 60% from the start of 2009 until the end of June. Since the beginning of July, spam volumes have continued to climb steadily and have now shattered the record for the previous highest levels set in July 2008.
“The previous highest period of spam activity was mid-2008,” said TRACElabs lead security researcher, Phil Hay. “During the third quarter of 2008, spam volumes declined steadily until a dramatic event occurred on November 11, 2008 with the shut-down of the rogue ISP network, McColo, which had been providing hosting services to some of the largest known spam botnets. Since that time, spam volumes have been climbing back. In June, we saw spam volumes matching the previous highest period from last year and now in July 2009 the spammers have punched through with a wave of spam to set a new record.”
Spam output is up across the board from the major spamming botnets. The Rustock and Pushdo botnets continue to be very strong, and second-tier botnets like Grum have also increased their output, helping to push spam volumes to the new high. Phishing activity was also up significantly to 1.4% of all spam by volume; representing a seven-fold increase in phishing activity during the month to July 19.
Marshal8e6 attributes the significant majority of phishing activity to the Pushdo botnet. Oddly, only three targeted institutions were the focus of 99.5% of all phishing activity last week – eBay, Comerica and Bank of America.
More than 30% of all spam last week came from Asian countries after Vietnam overtook traditional spam heavyweights China, Turkey and Russia for the first time. However, Brazil continues to dominate the TRACElabs spam statistics with over 15% of all spam, followed by the USA with 10%.
“The spammers are sending a clear message with this renewed spam activity. After the shutdown of another rogue spam ISP, 3FN, in early June this year, spam volumes were temporarily affected with approximately a 15% dip. However, the spammers recovered almost immediately and have been pumping out the spam ever since. The clear message spammers are giving us is that they are unimpeded by the efforts of law enforcement and the security community,” commented Hay.