PandaLabs, Panda Security’s malware analysis and detection laboratory, today announced that less than six percent of emails that reached companies in the third quarter of 2008 were legitimate correspondence. Moreover, 1.43% of emails contained malware. The data, extracted from a sample of more than 123 million emails, found the most frequently detected strains of malware during this quarter included Netsky.P, and the SpamtaLoad.DO and SpamtaLoad.CZ Trojans.
“The percentage of infected emails increased significantly in September, to more than double the levels that we had witnessed in previous months. This could be related to the financial crisis, as cyber-crooks step up attacks to enhance their chances of success and avoid the effects of the economic recession,” said Ryan Sherstobitoff, chief corporate evangelist for Panda Security, in a written statement.
PandaLabs found an alarming 91.77% of emails delivered to business inboxes were spam. This number peaked in August when more than 93 percent of mail traffic analyzed by Panda Security was cataloged as spam.
Much of this illicit traffic was sent from computers infected with bots, a type of malicious code that allows cyber-crooks to take remote control of compromised systems. Once a computer has been infected, it becomes what is colloquially known as a “zombie”. These zombie computers, under the control of cyber criminals, are then networked together to form botnets, which are used for a range of malicious activities that includes sending spam. In the last three months alone, over 330,000 new zombies were activated each day. Top spam topics of the quarter included sexual enhancers (23%), pharmaceuticals (19%) and loans (12%).
New Spam Trends
The third quarter of 2008 saw the expansion of the use of .swf (Flash) files to dodge anti-spam filters. This particular strategy involves including links in junk mail with interesting news headlines or erotic photos that then connect to an .swf file. The files themselves are generally hosted on legitimate websites but are actually designed to redirect users to the webpage that cyber crooks want to advertise. The most common sites involved in this scheme were fake online pharmacies.
Another popular scam that arose in the third quarter was the use of vertical writing and hidden characters to trick content-based anti-spam engines. The technique involves writing messages vertically instead of horizontally so that the filter does not catch them before they appear in a user’s inbox. These emails also include an additional message in white font that can only be seen once the user selects the content of the mail.
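The following Python example is added here and is not from PandaLabs or the report. It shows how a content filter can recover what the two tricks above hide, by collecting text set in a white font and by reading single-character rows column by column. The colour list, the white-background assumption, the function names and the sample message are assumptions made for the illustration.

```python
import re
from html.parser import HTMLParser
from itertools import zip_longest

WHITE = {"white", "#fff", "#ffffff", "rgb(255,255,255)"}  # assumes a white background
VOID = {"br", "img", "hr", "meta", "link", "input"}       # tags with no end tag

def inline_colour(tag, attrs):
    """Foreground colour set by <font color> or an inline style, else None."""
    a = dict(attrs)
    if tag == "font" and a.get("color"):
        return a["color"].strip().lower()
    m = re.search(r"(?:^|;)\s*color\s*:\s*([^;]+)", a.get("style") or "", re.I)
    return m.group(1).lower().replace(" ", "") if m else None

class MailText(HTMLParser):
    """Separates white (hidden) text from visible text, keeping line breaks."""
    def __init__(self):
        super().__init__()
        self.colours, self.hidden, self.lines = [], [], [""]

    def handle_starttag(self, tag, attrs):
        if tag == "br":
            self.lines.append("")
        if tag not in VOID:  # child elements inherit the parent's colour
            inherited = self.colours[-1] if self.colours else None
            self.colours.append(inline_colour(tag, attrs) or inherited)

    def handle_endtag(self, tag):
        if tag not in VOID and self.colours:
            self.colours.pop()

    def handle_data(self, data):
        if self.colours and self.colours[-1] in WHITE:
            self.hidden.append(data.strip())
        else:
            self.lines[-1] += data

def vertical_words(lines, min_rows=4):
    """Read columns top to bottom when enough rows hold only single characters."""
    rows = [line.split() for line in lines if line.strip()]
    grid = [r for r in rows if all(len(tok) == 1 for tok in r)]
    if len(grid) < min_rows:
        return []
    return ["".join(col) for col in zip_longest(*grid, fillvalue="")]

def analyse(html):
    """Return the hidden (white) text runs and any vertically written words."""
    p = MailText()
    p.feed(html)
    return {"hidden": [h for h in p.hidden if h], "vertical": vertical_words(p.lines)}

# Constructed sample message, not taken from the report.
SAMPLE = ('<div>C P<br>H I<br>E L<br>A L<br>P S<br>'
          '<font color="#FFFFFF">quarterly meeting notes attached</font>'
          '<span style="font-size:10px; color: white">see you friday</span></div>')
```

Feeding the recovered strings back into the normal keyword or Bayesian scoring lets the filter judge the message on what the reader will actually see, and on what was added only for the filter.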
For more information about the latest spam trends, consult the quarterly report published by Commtouch and Panda Security at: http://pandalabs.pandasecurity.com/blogs/images/PandaLabs/COMMTOUCH/Q3_Email_Threats_Trend_Report.pdf.