Johannesburg, 14 Aug 2007
Spammers are changing tactics, according to Symantec. In its monthly spam report, the security company says overall activity remained steady in July, with 66% of mail profiled at the SMTP layer identified as such.
"Image spam is on the decline, while the use of document attachments like PDF is on the rise," Symantec says, adding that image spam "recorded its lowest percentage of total spam at 8% in mid-July.''
In addition, spam emanating from Chinese top-level domains has significantly increased.
At its peak last January, Symantec estimated that image spam accounted for nearly 52% of all spam. PDF spam now accounts for between 2% and 8% of all junk mail, with Excel and Zip files in particular being abused as spam receptacles.
"Spammers love playing the cat-and-mouse game and so, as expected, in July, Symantec observed spammers using other attachments to promote stock and pharmaceutical spam. Stock and pharmaceutical spam were traditionally the most common spam types sent by image spammers," the company says in its monthly anti-spam release.
"The extent of spam messages using Excel and Zip files remains low at this time, but it indicates just how committed spammers are to evading anti-spam filters."
Spamming is also becoming more regionally focused, Symantec says. Since its last focus on the Europe, Middle East and Africa region in April, Symantec says financial and adult spam has decreased 8% and 4% respectively. On the debit side, health and product spam have increased 5%.
Greeting cards
Greeting card spam containing links to viruses is not particularly new. "However, it has been particularly virulent in the month of July with over 250 million of these spam messages being targeted towards a sample set of customers."
The content of these messages includes links ranging from everyday greetings to holiday-specific cards, such as the 4th of July. Each message contains a link to the "greeting card". The link in these cases was an exposed IP address, which is a clear indicator it isn't a greeting card from an established and reputable e-card service.
"When clicked, the link delivers a downloader - a program that accesses the Internet and downloads a Trojan onto the computer," Symantec cautions.
Related stories:
Malware targets bloggers
Spammers use Excel to cloak malware
Share