Spam Down, Phishing Up: Just Great!

According to Symantec there’s an overall decrease in spam, but an increase in phishing attacks.

Overall, spam made up 89.40 per cent of all messages in September, compared with 92.51 percent in August. This is the lowest volumes recorded since the McColo shutdown in 2008. Two possible explanations for this drop in volume are the shutdown of spamit.com and the Zeus ring arrests made recently. However, if the aftermath of McColo shutdown is any indication, the volume should gradually return over time.

Spammers continued to send waves of messages either containing or leading to sites that contained malware in the month of September. Two major attacks were the “here you have” PDF attack in early September and spoofed LinkedIn messages in late September.

The link to the PDF document was actually a link to .scr file which contained malware W32.Imsolk.B@mm, a mass-mailing worm that also spreads through removable and mapped drives. The malware also spreads through shared folders and instant messaging and attempts to download files onto the compromised computer.

In late September, messages spoofing LinkedIn tried to trick users into installing malware. When users click on the link, Zeus malware tries to install itself on the user’s computer. After it has been successfully installed, the malware can gather sensitive information about the user that will lead to a crime. After this initial attack spoofing LinkedIn, Symantec has seen similar attacks affecting other social networks.

While malicious messages continue to plague the Internet, the overall volume of spam messages actually declined significantly month-over-month. Symantec is now seeing the lowest volumes since the McColo shutdown in 2008.

Phishing overall increased by 52 percent this month. This was primarily due to an increase in both automated toolkit attacks and unique phishing websites. Phishing websites created by automated toolkits increased by 46 percent in September. Unique URLs increased by 83 percent, and phishing websites with IP domains (i.e.. domains like http://255.255.255.255) in-creased by about 35 percent.

Web hosting services comprised 12 percent of all phishing, an in-crease of 30 percent from the previous month. The number of non-English phishing sites in-creased by 17 percent. Among non-English phishing sites, French and Italian continued to be higher in September.

The full report can be viewed here: http://bit.ly/cjuRdD

SHARETweet about this on TwitterShare on LinkedInShare on FacebookShare on Google+Pin on PinterestDigg thisShare on RedditShare on TumblrShare on StumbleUponEmail this to someone

Christian Harris is editor and publisher of BCW. Christian has over 20 years' publishing experience and in that time has contributed to most major IT magazines and Web sites in the UK. He launched BCW in 2009 as he felt there was a need for honest and personal commentary on a wide range of business computing issues. Christian has a BA (Hons) in Publishing from the London College of Communication.