Significant rise in malicious spam and phishing

Over one quarter of malicious emails contain eight-year-old malware.

Email security firm eleven has reported a significant rise in both malicious emails and phishing emails in the first quarter of 2012.

In its latest quarterly report, the company says that while spam levels stayed more or less constant, the volume of emails with malware attached to it increased by over 80%. The volume of phishing emails increased by more than double that rate.

With about one quarter of spam advertising (fake) pharmaceutical products, pharma spam continues to be the most prevalent. The company also noticed a significant rise in casino spam in recent months, which now accounts for close to one fifth of all spam. The third most common subject in spam messages was fake luxury goods.

Given its notorious reputation and the many variants that exist, it will come as little surprise that Zeus (also known as 'Zbot') was the malware family that was most likely to be attached to emails; two Zeus campaigns alone accounted for more than one third of all malicious spam. More surprising was the fact that more than one in four malicious emails contained a variant of the 'MyDoom' worm: MyDoom was first seen in January 2004 and should thus be detected by any anti-virus product - even those that have not been updated for a long time.

For a long time it had been believed that malicious spam was a thing of the past and that spam filters and anti-virus products together made email a less attractive method for cybercriminals to spread malware. However, the volume of malicious emails saw a sudden spike in August 2011, and this trend has continued, with spammers using various credible-sounding subjects to trick the recipients into opening the attachments. On a much smaller scale, the use of malware attachments in targeted attacks also continues to be a problem.

More at eleven's website here (in German).

Tags: malware, mydoom, phishing, spam, zeus. Posted on 11 April 2012 by Virus Bulletin. 0 comments.

del.icio.us

digg this

Blog Archive


	India believed to be source of sophisticated surveillance campaigns German anti-botnet advisory recommends the use of ad blockers for security Commoditization increasingly seen in mobile malware Microsoft 'found to make requests' to URLs shared via Skype Program turns anti-analysis tools against the malware Twitter, Facebook accounts used in watering hole campaign Old posts 2013 2012 2011 2010 2009 2008 2007 2006 2005 2004 2003 2002 Subscribe \| View All virusbtn: Breach Detection Systems (BDS): yet another acronym for the sales team, or the answer to zero-day malware? https://t.co/GZy0Lcywqq 6 hours ago virusbtn: Chrome 27 fixes flaws and saw Google pay thousands of dollars in bug bounties for reporting them http://t.co/lSnwdo74QQ 7 hours ago

News


	See also Calendar of Events Polls

Quick Links

Poll

Do current laws offer enough protection for ethical ('white-hat') hackers?
Leave a comment
View 4 comments

VB100 certification


	This month's VB100 comparative on Windows XP brought something of a mixed bag, as several vendors appear to have decreased support for the platform in favour of the newer Windows 8. John Hawes has the full set of results. See full results.

Virus Bulletin currently has 227,267 registered users.

Covering the global threat landscape

Significant rise in malicious spam and phishing

Old posts