One in ten spam messages contains drive-by download link
80-fold increase in one month.
I do not think I am unique in that I can recognize (most) phishing pages from a mile away and that I know that, if
I ever wanted to buy performance-enhancing drugs of any kind, I should not buy them through a link found in a
spam message. However, that doesn't mean I can safely click on URLs in emails to see whether they link to
As someone who keeps a close eye on spam trends, I had noticed a recent increase in spam messages linking to
drive-by download sites: websites that attempt to infect your machine, generally by
exploiting a vulnerability in an outdated browser plug-in. Still, I was a little
shocked when anti-spam firm Eleven reported that, in September, almost one in ten spam messages contained a malicious
URL - an 80-fold increase since August.
Various reports have suggested that there isn't a lot of money to be made in commercial spam these days. The numbers reported
by Eleven indicate that spammers are adapting quickly and, probably by using affiliate pay-per-install schemes, are
finding other ways of making money through their vast delivery networks.
Most of the emails claim to come from well-known brands such as Amazon or LinkedIn - companies from which
many users commonly receive emails. And an even more worrying trend is that of malicious spam sent from compromised
accounts to the contacts in the victim's address book: who would think twice before clicking a link sent to them by
a good friend?
Running a spam filter remains essential to keep most of these threats at bay. But for those emails that do make it through
the filter, running (web) security software and applying security software patches whenever they become available is just
More (in German) at Eleven's security blog
drive-by download, link, spam.
Posted on 24 October 2012 by Martijn Grooten.
Leave a comment.
del.icio.us digg this