TMCnet News
: Spam in August: Cybercriminals find new ways to disguise spamSep 19, 2011 (M2 PRESSWIRE via COMTEX) -- The volume of spam in mail traffic in August 2011 decreased slightly compared to July and averaged 80%, according to Kaspersky Lab's latest spam report. It used to be that malicious attachments came in emails with erotic photos of girls who "want to meet you", or "scandalous photos" of celebrities. Now, cybercriminals are disguising their messages to make them look like official notifications or business correspondence. In particular, spammers now like to send out fake notifications for postal services such as UPS, FedEx, and DHL stating that they were unable to deliver a package and that the recipient needs to pick it up from the office immediately, or that the recipient's address was filled out incorrectly. The messages contain a ZIP archive file that allegedly contains the forms needed to collect the package. In actual fact the attachments contain various types of malicious programs. "These changes to how malicious emails are sent are linked to the fact that most users do not expect to find malware in business emails," explains Maria Namestnikova, Senior Spam Analyst at Kaspersky Lab. "Erotic photos of girls 'waiting to meet you' can be found all over the Internet, while a company's internal documents are more likely to pique an Internet user's interest." After all, how many people are going to sleep soundly after they delete an email that appears to have come from the police asking the recipient to print out details of a driving offence and send it to a municipal court? What's new? Several new tricks for spreading malicious code were registered in August, although they were all based on the same idea: the more mysterious an email is, and the less text there is, the greater the chances of arousing the recipient's curiosity. Kaspersky Lab identified three different kinds of spam using this technique: - The first group contained the word 'Changelog' and the date in the subject line. The body of the email only had a couple of words, such as "As promised" or "See attachments" - The second group had a subject line that read either "End of July Statement required" or "End of July Statement". The body of the email explained that, as requested, the sender would be transferring unsettled accounts for a particular date that was usually specified; - The third group featured the subject line "Internal accounts from ATFT Corporation" and contained a message stating that internal 2010 accounts were in the attachments, and expressed gratitude for the support in "setting up this process". Predictably, the vast majority of attachments in these messages contained malicious programs. Statistics In August, malicious files were found in 5.9% of all emails - a rise of 1.2% compared to July. This figure has grown by a third over the past two months. This is typical for the summer months, as spammers usually have fewer orders from their clients during the holiday season, and switch gears over to mailings with affiliate programs that are more lucrative. Country ratings based on the number of email antivirus detections show that users are faced with malicious emails most commonly in the US (10.1%) followed by Russia (8.96%), the UK (7.36%), Germany (5.45%) and India (5.1%) Meanwhile, the percentage of phishing emails in total mail traffic compared to July increased very slightly and stood at 0.03%. The leading four organisations targeted by phishers - PayPal, eBay, Habbo and Facebook - remained unchanged from the previous month. Also of note is the drop in phisher interest in online games: RuneScape, which was the number six target in July, dropped two places, and WoW, which was at the tail end of last month's rating, was not even among the Top 10 targets in August, even though its respective percentage of attacks did not change. The US tax agency, the IRS, can be expected to make an appearance among the top phishing targets in the coming months as the deadline for US tax returns approaches. It should be remembered that spam is, first and foremost, a threat that needs to be counteracted, which is why spam that promotes something should not be perceived merely as an advertisement. Even the most harmless-looking email can contain malicious script, and spammers have no problems making money from advertising or from users who unwittingly install malicious code. Kaspersky Lab Newsroom Kaspersky Lab has launched a new online newsroom, Kaspersky Lab Newsroom Europe (http://newsroom.kaspersky.eu/en), for journalists throughout Europe. The newsroom is specifically designed to serve many of the media's most common requests, making it easier for journalists to find product and corporate information, facts and figures, editorial copy, images, videos and audio files, as well as details about the appropriate PR contacts. About Kaspersky Lab Kaspersky Lab is the largest antivirus company in Europe. It delivers some of the world's most immediate protection against IT security threats, including viruses, spyware, crimeware, hackers, phishing, and spam. The company is ranked among the world's top four vendors of security solutions for endpoint users. Kaspersky Lab products provide superior detection rates and one of the industry's fastest outbreak response times for home users, SMBs, large enterprises and the mobile computing environment. Kaspersky® technology is also used worldwide inside the products and services of the industry's leading IT security solution providers. Learn more at www.kaspersky.co.uk. For the latest on antivirus, anti-spyware, anti-spam and other IT security issues and trends, visit http://www.securelist.com. For further information, or to speak to a Kaspersky Lab spokesperson, please contact us on [email protected] or 01189 090909. Editorial contact: Berkeley PR Amy Stevens [email protected] Telephone: 0118 909 0909 Fax: 0118 988 6911 1650 Arlington Business Park RG7 4SA, Reading Kaspersky Lab UK Ruth Knowles [email protected] Telephone: 0871 789 1633 Fax: N/A Milton Business Park OX14 4RY, Oxford (C) 2011 Kaspersky Lab. The information contained herein is subject to change without notice. The only warranties for Kaspersky Lab products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Kaspersky Lab shall not be liable for technical or editorial errors or omissions contained herein. ((M2 Communications disclaims all liability for information provided within M2 PressWIRE. Data supplied by named party/parties. Further information on M2 PressWIRE can be obtained at http://www.presswire.net on the world wide web. Inquiries to [email protected]. |
