More Than 90% of E-Mails Were Spam
Glendale, Calif. — Oct. 27
PandaLabs, Panda Security’s malware analysis and detection laboratory, announced that less than 6 percent of e-mails that reached companies in the third quarter of 2008 were legitimate correspondence. Moreover, 1.43 percent of e-mails contained malware.
The data, extracted from a sample of more than 123 million e-mails and analyzed by TrustLayer Mail, the anti-spam managed service from Panda Security, show that the most frequently detected strains of malware during this quarter included Netsky.P and the SpamtaLoad.DO and SpamtaLoad.CZ Trojans.
Month, % spam, % infected
- April, 94.75, 0.88
- May, 94.71, 0.97
- June, 93.35, 0.87
- July, 90.43, 0.98
- August, 93.01, 0.99
- September, 91.89, 2.34
“The percentage of infected e-mails increased significantly in September, to more than double the levels that we had witnessed in previous months. This could be related to the financial crisis, as cybercrooks step up attacks to enhance their chances of success and avoid the effects of the economic recession,” explained Ryan Sherstobitoff, chief corporate evangelist for Panda Security.
PandaLabs found an alarming 91.77 percent of e-mails delivered to business inboxes were spam. This number peaked in August when more than 93 percent of mail traffic analyzed by Panda Security was cataloged as spam.
Much of this illicit traffic was sent from computers infected with bots, a type of malicious code that allows cybercrooks to take remote control of compromised systems. Once a computer has been infected, it becomes what is colloquially known as a “zombie.”
These zombie computers, under the control of cybercriminals, are then networked together to form botnets that are used for a range of malicious activities that includes sending spam. In the past three months alone, more than 330,000 new zombies were activated each day.
Top spam topics of the quarter included sexual enhancers (23 percent), pharmaceuticals (19 percent) and loans (12 percent).
New Spam Trends
The third quarter of 2008 saw the expansion of the use of .swf (Flash) files to dodge anti-spam filters. This particular strategy involves including links in junk mail with interesting news headlines or erotic photos that then connect to an .swf file. The files themselves are generally hosted on legitimate Web sites but are actually designed to redirect users to the Web page that cybercrooks want to advertise. The most common sites involved in this scheme were fake online pharmacies.
Another popular scam that arose in the third quarter was the use of vertical writing and hidden characters to trick content-based anti-spam engines. The technique involves writing messages vertically instead of horizontally so that content filters do not catch them before they appear in a user’s inbox. These e-mails also include an additional message in white font that can be seen only once the user selects the content of the mail.
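For mail filter maintainers, the two tricks described above can be surfaced with a simple pre-processing pass. The following is an added example, not code from PandaLabs or TrustLayer Mail: the names `MailText`, `vertical_words` and `analyse`, the four-row threshold, and the assumption that white text sits on a white background are all illustrative choices.

```python
import re
from html.parser import HTMLParser

# Constructed sample (not from the report): two vertical columns plus white-font filler.
SAMPLE = ('<body bgcolor="#ffffff"><p>Hello,</p><pre>\nP M\nI E\nL D\nL S\n</pre>'
          '<font color="#FFFFFF">quarterly meeting notes for the finance team</font></body>')
WHITE = re.compile(r"#fff(?:fff)?|white|rgb\(\s*255\s*,\s*255\s*,\s*255\s*\)", re.I)
STYLE_COLOR = re.compile(r"(?:^|;)\s*color\s*:\s*([^;]+)", re.I)
VOID = {"img", "hr", "meta", "link", "input"}  # elements without an end tag

class MailText(HTMLParser):
    """Split an HTML body into visible text and white-font text."""
    def __init__(self):
        super().__init__()
        self.stack, self.visible, self.hidden = [], [], []
    def handle_starttag(self, tag, attrs):
        if tag in VOID:
            return
        a = dict(attrs)
        m = STYLE_COLOR.search(a.get("style") or "")
        colour = (m.group(1) if m else a.get("color") or "").strip()
        inherited = bool(self.stack and self.stack[-1])  # colour set by a parent
        self.stack.append(bool(WHITE.fullmatch(colour)) if colour else inherited)
    def handle_endtag(self, tag):
        if tag not in VOID and self.stack:
            self.stack.pop()
    def handle_data(self, data):
        (self.hidden if self.stack and self.stack[-1] else self.visible).append(data)

def vertical_words(text, min_rows=4):
    """Read column-wise any run of rows made only of single characters."""
    words, run = [], []
    for line in text.splitlines() + [""]:  # trailing "" flushes the last run
        cells = line.split()
        is_row = bool(cells) and all(len(c) == 1 for c in cells)
        if is_row and (not run or len(cells) == len(run[0])):
            run.append(cells)
            continue
        if len(run) >= min_rows:
            words += ["".join(col) for col in zip(*run)]
        run = [cells] if is_row else []
    return words

def analyse(html):
    """Return (words written vertically, white-font text) for one HTML body."""
    p = MailText()
    p.feed(re.sub(r"(?i)<br\s*/?>", "\n", html))  # treat <br> as a line break
    p.close()
    return vertical_words("".join(p.visible)), " ".join("".join(p.hidden).split())
```

The recovered horizontal words and the white-font text can then be passed to the usual content filter as if they had been written normally, or used as a scoring signal on their own.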