July sees spam continuing to dominate emails as websites are compromised
Threat reports for July show that spam continues to be sent at a high level with image spam and phishing still in high figures.
Websense's July threat report claimed that there was a series of compromises of high-profile websites in a month it claimed was ‘huge for zero-day attacks and critical vulnerabilities'.
Websense Security Labs claimed that both the Center for Defense Information and Torrent Reactor websites were compromised and injected with malicious code, while ImageShack was broken into by a malicious hacker group. The group replaced all images hosted by ImageShack with an image containing their manifesto.
The report said: “If one of the largest image-hosting services could have been taken over this easily, what's to stop these bad guys from going even further? The manifesto image could very well have been a maliciously crafted image that could lead to the infection of the casual surfer's computer, merely from visiting a website that linked to an image from ImageShack.
“The idea of opening up your data and services for re-use by others is by definition a Web 2.0 thing to do, and ‘with great power, comes great responsibility'.”
Moving into spam, Websense claimed that it saw malicious hackers fabricating emails announcing the death of Harry Potter actress Emma Watson. Security Labs claimed that it discovered that top results in Google on this topic led to malicious, fake anti-virus websites. It said: “This is not the first time malicious campaigns have used fake headlines, nor will it be the last.”
This trend was also spotted by Symantec, who claimed that the recent spam messages indicate that Emma Watson, who plays the character of Hermione Granger, is the spammers' favourite target. It also claimed that other messages that have emerged included Harry Potter-related 419 and health spam, with the recipient informed that they had won a cash prize in the ‘Harry Porter witches, wizards and muggles online lottery'.
Websense claimed that July saw the highest percentage of spam email in any month so far this year – with 89.3 per cent of all email being spam. There was also an increase in phishing attacks through email at 3.5 per cent this month.
It claimed that this was a slight increase over previous months, showing that in the continued economic climate, spammers and scammers are working to make a profit through fraudulent means.
Symantec also reported the same figures, with image spam continuing to reach 17 per cent of all spam during one point in July. It did state that health spam decreased by 17 per cent, while product and 419 spam both saw increases of eight and three per cent respectively month over month.