Global levels of e-mail spam dropped to an unprecedented five-year low last year, although end-users cannot expect a similar level of relief this year.
Spam levels dropped throughout 2012, before finally settling at 72.1% of all e-mails, an 8.2 percentage drop compared with average levels in 2011, according to Kaspersky Lab data. "Such a prolonged and substantial decrease in spam levels is unprecedented."
Although less unwanted mail appeared in inboxes during 2012, this does not mean spam will be wiped out altogether.
Darya Gudkova, head of content analysis and research at Kaspersky Lab, says although the spam share of inboxes dropped considerably last year, it is still high and, unfortunately, it will never disappear.
"That doesn't mean spam is headed the way of the Dodo anytime soon: malicious spam, fraud, and advertising of illegal goods cannot simply or easily migrate to legal platforms, due to their own inherently criminal nature. We expect that the decline in spam volumes in 2013 will be negligible at best."
Fighting back
The main reason behind the decrease in spam volume is the overall heightened level of anti-spam protection, says Kaspersky. "Spam filters are now in place on just about every e-mail system, even free ones."
In addition, many e-mail providers have introduced mandatory Domain Keys Identified Mail (DKIM) signature policies. DKIMs are digital signatures that verify the domain from which e-mails are sent.
Gudkova adds that another reason for the decline in spam in 2012 was due to the migration of advertisers from spam to legal advertising platforms, such as social networks, blogs, coupon services and others.
"It turns out that modern legal ads are cheaper and better targeted than spam. However, such migration is only possible for advertisements for legal goods and services," says Gudkova. She notes that spam often contains reference to counterfeit and illegal goods, as well as fraud, phishing and malicious e-mails.
"All of these can't move to legitimate platforms because of their criminal nature. So we can't say that spam will completely disappear, rather we can say that it will be more criminalised."
China, which was not even in the top 20 sources of spam in 2011, took first place in 2012, accounting for 19.5% of all unsolicited mail. Spam originating in the US increased 13.5 percentage points, to 15.6%, the second largest region.
Local win
Arthur Goldstuck, MD of World Wide Worx, says local users will have also benefited from the global phenomenon, which is mostly due to spam detection software, such as the filters on Gmail, which are effective.
Goldstuck adds that people sometimes classify unwanted mail as spam when they are connected to the sender, such as questionnaires from connections on sites such as LinkedIn. Some people may also think they are receiving high levels of spam when this is not the case.
While spammers are losing the war, the irritation will never completely go away, but will become more sophisticated, says Goldstuck.
The Internet Service Providers' Association was not able to comment on local spam this morning.
Malware threat
Despite the drop in the overall percentage of spam in mail traffic, the proportion of e-mails with malicious attachments fell only slightly, to 3.4%, says Kaspersky. "This is a very large percentage, considering that this number reflects only e-mails with malicious attachments and ignores other spam e-mails containing links to malicious Web sites."
Gudkova says the amount of malware in mail traffic skyrocketed in 2010, and is still high; however, it is not rising.
The relationship between spam and malware is symbiotic in nature. Gudkova explains that users may receive mail with a malicious links that redirects them to a malicious site with exploits, which could see the user losing their passwords and their machine being used as part of a botnet sending spam.
In 2012, the range of subjects expanded, notes Kaspersky.
Previously, malicious users relied on fake notifications from hosting services, social networks, delivery services, and messages from financial and government organisations. In 2012, they expanded their repertoire to include fake messages from a variety of airlines, hotel reservation services, and coupon services.
"Criminals nowadays make their mails look exactly like legitimate e-mails: notifications from social networks, delivery services, online shops, booking services and so on, so a mail looks familiar and credible to a user," cautions Gudkova.
Share