The Spam Report, July 2009

There’s been a 21% increase in phishing attacks recorded around the world this month, with over a thousand phishing sites found to be hosted in ninety two countries.

  • E-Mail
By  Vineetha Menon Published  July 13, 2009

There’s been a 21% increase in phishing attacks recorded around the world this month, with over a thousand phishing sites found to be hosted around the world.

Recently micro-blogging site Twitter became the target of a massive phishing scare that involved the popular dating site DateTwit. Now a mass-mailing worm has been observed circulating through fake invitations to join the service.

Unlike a legitimate Twitter message, there is no URL present in the body that links directly to the site. Instead, recipients of the message see an Invitation file as an attachment that has been identified by Symantec as the W32.Ackantta.B@mm, which was first discovered in an e-card virus attack in February this year. The worm gathers email addresses from the compromised computer and spreads by copying itself to removable drives and shared folders.

Shifting the focus from phishing to spam, the most high-profile security trend observed recently though has to be campaigns involving Michael Jackson. The King of Pop might be dead but spammers are making sure his message lives on by exploiting the media frenzy surrounding his life, family and music.

Since his death on June 25th, several spam and malware campaigns have surfaced with top spam subject lines including: ‘Who killed Michael Jackson?’, ‘Jackson is still alive: proof’ and ‘Jackson ordered too close Neverland’.

At its peak, spam related to President Obama during his first 100 days in office accounted for approximately 2% of all spam messages. At this time, almost 1% of all spam messages refer to Michael Jackson.

Another mass-mailing worm doing the rounds uses the star’s death as bait. The worm sends out spam emails with the subject ‘Remembering Michael Jackson’ and an attachment named ‘Michael songs and’. The .zip file contains another file called ‘MichaelJacksonsongsandpictures.doc.exe’, which is a copy of the worm that is executed on the user’s machine when the file is opened.

Other spam examples that involve Jackson include a fake YouTube URL that links to a malicious file and another from a leading press organization that also tries to get email recipients to access a malicious URL.

Image spam is also rising and continues to detection by anti-spam filters by manipulating images to incorporate geometric shapes and figures as its background. In the past, Symantec encountered background color blocks, wavy text and multi-colored blurred backgrounds. Spammers are now using a combination of these tricks in their latest spam attacks.

Spam volumes remained at a very high level throughout June, averaging 90% of all the email messages in the world. The United States continues to lead as the top spam origin region, responsible for being the source of 23% of all spam, and is followed by Brazil at 12%.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code