Spam in 2011: less is more dangerous

Petaling Jaya, March 2, 2012 – The trend of recent years continued in 2011, with a further reduction in the amount of spam in email traffic. The war on botnets, waged since 2010, has had an effect – after peaking in 2009 at 85.2% the share of junk mail fell to 80.26% of all email traffic in 2011.

One of the most prominent trends of last year was the emergence of so-called spear phishing – highly targeted spam that sees fraudsters focusing on a pre-selected group of users. As a rule, spear phishing’s primary aim is to steal users’ login details in order to gain access to their accounts for online services, online banking or to steal confidential information from their employers. The messages used in this type of phishing are more subtle than traditional methods, personalized for each recipient. The fact that relatively few messages are sent out in a spear phishing mailing makes it more difficult for security software to counteract the threat.

Even if there is less spam in general, it seems that what remains is more dangerous than ever. In 2011 the percentage of spam with malicious attachments increased more than one and a half times compared to the previous year and amounted to 3.8% of all mail traffic. The malicious users behind these sorts of mailings make active use of social engineering. Their messages may imitate official notifications from government bodies or online services, entice users with special offers or can even intimidate recipients, threatening to block access to various online accounts. Often, the fraudsters exploit a user’s curiosity or gamble on the recipient’s lack of caution by passing off malicious files as e-tickets, email password recovery instructions, and so on.

As always, the spammers exploited the most popular topics being discussed in the news to trick users into paying attention to their mass mailings. The earthquake in Japan as well as the deaths of Libyan leader Muammar Gaddafi and North Korea’s Kim Jong-il all featured in so-called Nigerian scam letters.

There were big changes among the leading sources of spam. The USA, 2010’s leader, dropped out of the top ten altogether. Taking over the unenviable top spot was India after a second-place finish the previous year. Brazil and Indonesia rounded off the top three after rising from 5th and 16th positions respectively. Russia, meanwhile, fell to 9th place. The regional distribution of spam sources, however, did not see much change – Asia, Latin America and Eastern Europe were still responsible for most of the junk mail that ends up in users’ inboxes.

“Pressure by the world IT community and the law enforcement authorities in different countries has produced encouraging results. Overall, however, unsolicited correspondence has become more dangerous and we expect attacks targeting specific groups of users to become more widespread,” comments Darya Gudkova, Head of Content Analysis & Research at Kaspersky Lab. “As the situation in developing countries shows, good Internet connections combined with a low level of computer literacy and the absence of anti-spam laws are especially attractive for bot owners. That’s why this threat requires a comprehensive response that pays particular attention to educating users about IT security.”

For pictographs and the full version of Kaspersky Lab’s report Spam Evolution 2011 is available at: http://www.securelist.com/en/analysis/204792219/Kaspersky_Security_Bulletin_Spam_Evolution_2011