Spammers use the familiar to inspire action

Spammers have become adept at using the most familiar Internet names to give deceptive legitimacy to the billions of emails that they send. For example, between five to ten percent of all spam appears to originate from Gmail accounts, according to a Commtouch report.

Gmail’s message style, as well as those of PayPal and Facebook, is frequently used by spammers and phishers as standard templates to prompt action by targets of spam or phishing. This quarter, a phishing attack directed at Blogger and Google users was based on a template using techniques effectively downplaying the “phishy” nature of the email.

Other highlights from the report include:

  • Spam levels averaged 83% of all email traffic throughout the quarter, peaking at nearly 92% near the end of March and bottoming out at 75% at the start of the year.
  • Pharmacy spam remained in the top spot with 81% of all spam messages, maintaining last quarter’s average, as did the number 2 topic, replicas, which maintained its average of 5.4%.
  • An average of 305,000 zombies were activated daily to inflict malicious activity.
  • While Brazil continues to produce the most zombies, its numbers decreased in the first quarter. In Q4 2009, it was responsible for 20.4% of global zombie activity. In Q1 2010, that number dropped to 14%.
  • The Mal/Bredo malware had 838 variants during the quarter.
  • Sites in the “sex education” and “games” categories topped the list of Web categories likely to host hidden phishing pages.
  • “Pornography” has replaced “business” as the Web site category most infected with malware.
  • In the Web 2.0 sphere of user-generated content, entertainment (music, television, movies, reviews, etc.) is the most popular topic for blog creators.

“Spammers and cybercriminals use experimentation to reach their goals,” said Asaf Greiner, Commtouch vice president, products. “They are always testing new techniques to lure their victims, from using familiar formats and domains to creating entirely new ways to entice action.”


Subscribe to the Help Net Security breaking news e-mail alerts:


Don't miss