Quarterly Spam Report (July-Sep 2008) by Panda Security
October 2008 by Panda Security
Less than six percent of emails that reached companies in the third quarter of 2008 were legitimate correspondence. Moreover, 1.43 percent of emails contained malware. The most frequently detected strains of malware during this quarter included Netsky.P, and the SpamtaLoad.DO and SpamtaLoad.CZ Trojans.
% spam %infected
January 76.27 1.84
February 87.83 3.08
March 86.51 1.32
April 94.75 0.88
May 94.71 0.97
June 93.35 0.87
July 90.43 0.98
August 93.01 0.99
September 91.89 2.34
“The percentage of infected emails increased significantly in September, to more than double the levels that we had witnessed in previous months. This could be related with the financial crisis, as cyber-crooks step up attacks to enhance their chances of success and avoid the effects of the economic recession”, explains Luis Corrons.
The rest of the emails received, 91.77 percent, were spam. The amount of junk mail in circulation peaked in August, when more than 93 percent of mail traffic analyzed by Panda Security was cataloged as spam.
This data has been extracted from a sample of more than 123 million emails analyzed by TrustLayer Mail (http://www.pandasecurity.com/enterp...), the anti-spam managed service from Panda Security.
Much of this illicit traffic was sent from computers infected with bots, a type of malicious code that allows cyber-crooks to take remote control of compromised systems. These infected computers are normally networked to form ‘botnets’ and used for malicious ends including sending spam. These computers are known colloquially as ‘zombies’. Over the last three months, 330,000 new zombies were activated every day.
Top spam topics of the quarter included sexual enhancers (23%), pharmaceuticals (19%) and loans (12%).
Sexual enhancers 23%
“Spam is not just an annoyance for companies; it hits productivity as employees are forced to delete the junk mail, and it clogs up systems, wasting valuable bandwidth. Nucleus Research, an independent consultant, put the cost of receiving and deleting spam, without even opening it, at $874 per employee“, explains Corrons.
New spam trends
The use of .swf (Flash) files to dodge anti-spam filters is one of the techniques that has expanded most during the third quarter of 2008. This strategy involves including links in junk mail pointing to an .swf file. The files themselves (generally hosted on legitimate websites) redirect users to the web page that cyber crooks want to advertise, generally fake online pharmacies. To encourage users to click them, the links normally claim to point to interesting news stories or erotic photos, etc.
The use of vertical writing and hidden characters has also become more popular in this last quarter. The technique involves writing messages vertically instead of horizontally to avoid content-based anti-spam engines. Interestingly though, an additional message is contained in white font so it is only visible if the user selects the content of the mail.
Spammers are also resorting to ASCII art to by-pass filters. This involves using random characters to put together a large-scale message (as you can see here: http://www.flickr.com/photos/panda_... )