Spam hits all-time high during Q3 2007

17 Oct 2007

Global spam reached an all-time high of 95pc at its peak during the third quarter of 2007, according to Commtouch.

Spammers are making greater use of attachment spam, with PDF spam and Excel emerging strong while there has been an overall decline in image spam, the email security firm found.

Commtouch reported that there is also a growing threat from spam containing links to malicious websites. This type of technique reached a new high during the quarter.

These ‘blended threat’ messages — spam messages with links to malicious URLs — accounted for up to 8pc of all global email traffic during the peaks of various attacks during the quarter. One massive outbreak mid-quarter utilized over 11,000 dynamic zombie IP addresses to host malicious websites. Leading zombie locations included the US (36pc) and Russia (8pc).

This type of spam utilises vast zombie botnets to launch ‘drive-by downloads’ and evade detection by most antivirus engines, Commtouch said. Several blended spam attacks of this type focused on leisure-time activities, such as sports and video games.
Messages invited consumers to download “fun” software such as NFL game-tracking and video games from what appeared to be legitimate websites. Instead, consumers voluntarily downloaded malware onto their computers.

“Blended spam demonstrates the ingenuity of spammers to attempt to evade detection,” said Amir Lev, Commtouch president and chief technology officer. “Most antivirus and anti-spam technologies are not capable of blocking these types of messages, so the malware threats are allowed to penetrate the users’ computers.”

Commtouch’s report, based on the automated analysis of billions of email messages weekly, also found that image spam declined to a level of less than 5pc of all spam, down from 30pc in the first quarter of 2007. Image pump-and-dump spam has all but disappeared, with pornographic images taking its place, it found.

PDF spam represented 10-15pc of all spam in early July and then dropped significantly. A steady stream of PDF spam is still being maintained at 3-5pc of all spam messages.

Pharmaceuticals and sexual enhancers were the most popular spam topics, at 30pc and 23pc, respectively.

Spammers also experimented with several new techniques to slip past anti-spam engines throughout the quarter, such as disguising messages in PDF, Excel and other popular file formats.

“Spammers and malware distributors are the ultimate in test marketers,” Lev said.

“They keep trying different techniques to bypass spam filters and ensure that their messages have high response rates. In the future, I expect to see other file formats such as Word and Powerpoint used for a similar purpose.”

By Niall Byrne