The ‘dirty dozen’ – spam gets more malicious

11 Jan 2011

Cyber criminals are raising their game – despite giving the impression that spamming levels had dipped since Christmas – they are using the botnet for more sophisticated activities, with malware spreading, phishing emails and social-networking attacks fast replacing traditional spam.

In the latest ‘dirty dozen’ report of spam-relaying countries from Sophos, covering Q4 2010, the US has increased its lead at the top spot, and continues to be responsible for nearly one in five junk emails – 18.6pc of all spam messages. Ireland is ranked 53rd in the report.

The UK decreased its percentage of total spam output compared to Q3 last year – from 5pc to 4.54pc – however it remains in fifth place overall.

But, while the same countries continue to dominate in terms of spam output, Sophos said the nature of the spam being distributed is becoming more malicious.  

It said traditional subject matter, such as adverts for pharmaceuticals, continue to be a concern, with some 36m Americans reported to purchase drugs from unlicensed online sellers – but more and more messages are spreading malware and are attempting to phish user names, passwords and personal information.

The top 12 spam-relaying countries for October to December 2010 are:

 
1.     USA            18.83pc
2.     India            6.88pc
3.     Brazil           5.04pc
4.     Russia         4.64pc
5.     UK              4.54pc
6.      France         3.45pc
7.      Italy           3.17pc
8.      South Korea    3.01pc
9.      Germany         2.99pc
10.     Vietnam         2.79pc
11.     Romania        2.25pc
12.     Spain           2.24pc
 
Other                  40.17pc  

Meanwhile, the other countries in the spam running include:

15.      China           1.67pc
17.      Netherlands     1.52pc
18.      Canada         1.50pc
27.      Australia       0.84pc
34.      Singapore       0.70pc
35.      Japan           0.67pc
42.      Austria         0.46pc
48.      Switzerland     0.40pc
53.      Ireland         0.30pc
56.      South Africa   0.23pc
58.      Hong Kong       0.21pc
60.      Croatia         0.20pc
61.      Belgium         0.19pc
63.      New Zealand 0.17pc
97.      Luxembourg 0.04pc

Spearphishing

 
Sophos warned there has also been an increase in more focused, targeted email attacks, known as spearphishing.  

The IT security and control firm said it is also continuing to receive an increased number of reports of malicious apps, compromised profiles and unwanted messages spreading across social networks, such as Facebook and Twitter.
 
“Spam is certainly here to stay, however, the motivations and the methods are continuing to change in order to reap the greatest rewards for the spammers,” said Graham Cluley, senior technology consultant at Sophos.

“What’s becoming even more prevalent is the mailing of links to poisoned webpages – victims are tricked into clicking a link in an email, and then led to a site that attacks their computer with exploits or attempts to implant fake anti-virus software.”

For Q4 2010, Europe decreased its overall percentage of relayed spam messages compared to Q3.

Top spam-relaying continents for October to December 2010:

 
1.      Europe          32.11pc
2.      Asia            31.89pc
3.      North America    22.38pc
4.      South America   10.25pc
5.      Africa          2.12pc

Advice for combating spam

“Regardless of what methods spammers use, internet users should never be tempted to open a spam message out of curiosity, or click on an unknown link, just because it appears on a Facebook friend’s profile,” said Cluley.

“Internet users need to become aware of these new approaches to cyber crime, as the spamming techniques become more and more sophisticated. As long as spammers continue to make money from these schemes, internet users can be sure that they’ll continue to receive unsolicited emails and social-networking scams. To combat this, it’s essential that computer users remain wary of clicking on unknown links, regardless of whether they appear to be on a trusted contact’s social networking page.”

Sophos recommended that companies automatically update their corporate virus protection, running a consolidated solution at their email and web gateways to defend against spam and viruses.  

It advises home users to defend their computers with virus protection, to avoid becoming part of a botnet used for sending spam.

Carmel Doyle was a long-time reporter with Silicon Republic

editorial@siliconrepublic.com