New spam campaigns see sustained levels in the New Year

News by SC Staff

Spammers have launched new campaigns in January to sustain the high levels of spam experienced towards the end of 2009.

Spammers have launched new campaigns in January to sustain the high levels of spam experienced towards the end of 2009.

According to the January 2010 MessageLabs Intelligence Report, spam related to the New Year accounted for 7.7 per cent of all spam on a single day. More than 50 per cent of New Year related spam was sent by the Grum and Cutwail botnets combined.

Since the New Year passed, it claimed that spammers are now moving away from the New Year themes and are expected to next latch onto Valentine's Day-related spam topics. It also said that spammers and phishers have also been quick to take advantage of the tragedy that struck Haiti to generate advanced-fee fraud scams.

With 83.4 per cent of spam originating from botnets at the end of 2009, MessageLabs Intelligence calculated that the remainder of spam, 0.9 per cent – the equivalent of 900 million spam emails, originated from free web mail accounts. More than 79 per cent of web mail spam came from three well-known free web mail service providers.

Paul Wood, MessageLabs Intelligence senior analyst at Symantec Hosted Services, said: “Despite the best efforts of the web mail providers to prevent this abuse of their services, there is still a viable market in the underground economy for buying and selling legitimate and usable web mail accounts.”

Commenting further on the Lethic spambot, which was detected in early January, Wood said that it ‘seems to have disappeared almost as quickly as it arrived'.

Wood said: “The spam it had been sending was roughly an even mix of pharmaceutical and replica watch spam. Interestingly, the Bagle botnet was sending the exact same spam with the same hyperlinks as Lethic and over the same time period leading us to believe that Lethic possibly came from the same creators as Bagle or the people behind the spam may have hired the resources of more than one botnet gang to increase output.”

Further analysis found that 41.4 per cent of all web-based malware intercepted was new in January, an increase of 0.6 per cent since December. MessageLabs Intelligence also identified an average of 1,760 new websites per day harbouring malware and other potentially unwanted programs such as spyware and adware, a decrease of 56.2 per cent since December.

The global ratio of spam in email traffic in January from new and previously unknown bad sources was 83.9 per cent (one in 1.2 emails), a decrease of 0.3 per cent since December 2009. Phishing activity was one in 562.3 emails (0.18 per cent) a decrease of 0.11 per cent since December 2009. The global ratio of email-borne viruses in email traffic from new and previously unknown bad sources was one in 326.9 emails (0.31 per cent) in January, a decrease of 0.03 per cent since December 2009.


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews