Spam report - November 2009

Facebook was the target of a recent phishing attack that stole account details from users

Tags: Cyber crimeESETMalwareMessageLabs IncorporatedSymantec CorporationUSAUnited Arab Emirates
  • E-Mail
Spam report - November 2009 The Facebook phishing attack used messages that looked like an official password reset confirmation mail. If cursor is placed over the update button in the message, the phishing URL can be observed.
By  Vineetha Menon Published  November 6, 2009

Global spam volumes presently stand at about 87% of all email messages according to Symantec’s latest spam report, though a notable highlight is the growth of spam originating from Asia Pacific/Japan and South America, with a corresponding decline in spam originating from the EMEA region.

An average of 1.9% from that figure were found to contain malware, which might not seem dramatic but can still have a significant impact as several Facebook users found out recently.  A spam email, that had malware attached to it, has been masquerading as a notification from Facebook that the recipient’s password has been reset. The message contains an attached zip file containing a malicious .exe file, which Symantec detects as Trojan.Bredolab.

Bredolab connects to a Russian domain and the infected machine most likely ends up becoming part of a Bredolab botnet. To put that threat into perspective, Bredolab is believed to have contributed to 35.2% of all email-borne malware intercepted in October.

Facebook was also the target of a phishing attack that used messages mimicking the official password reset email, redirecting users that fell for the trap to another webpage that captured their account information.

According to the latest MessageLabs Intelligence report, phishing attacks like those that have occurred through Facebook are still generally in decline because there aren’t that many phishing toolkits available now as there were earlier in the year. For example, toolkits such as Zbot or Zeus, which can be used to create customised botnets, used to be the top choice for cybercriminals in the past that could afford to buy them, until they went into the public domain and became plagued by hidden backdoor Trojans.

Here in the United Arab Emirates the overall spam rate touched 93%, two points ahead of last month’s average of 91%, MessageLabs reported. But the country is doing better in protecting itself from viruses with a rate of 1 virus detected in about 230 emails – a significant decline from its earlier virus rate of 1 in 352 emails.

There has also been increase in seasonally-themed spam including Halloween, Thanksgiving, Christmas and Valentine’s Day. In mid-October, Halloween-themed messages accounted for 0.5% of all spam which increased and peaked at 500 million emails circulating worldwide daily as the holiday drew closer.

Another software solutions firm ESET, when analysing the top infectious threats around the world such as the Conficker worm, found that ‘INF/Autorun’- a mixture of Trojans exploiting the autorun.inf function of the Windows operating system - registered top of the list in the United Arab Emirates (10%).

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code