While the latest spam statistics are not off the chart, spammers have resorted to old tricks to dupe Internet users into following links, according to new research by Kaspersky Lab.
Kaspersky Lab's "Spam in Q2 report" shows spam and phishing traffic has remained relatively stable over the past three months - with spam increasing by 4.2%, to 70.7% of data traffic, and phishing seeing a marginal 0.0016% decline. Malicious attachments, meanwhile, were detected in 2.3% of all e-mails - 1% less than the previous quarter.
What has emerged, however, is that spammers are using old methods - such as malicious e-cards and random text - to hook Internet users.
One of the blasts from the past, says Kaspersky, is e-cards carrying malicious attachments. Traditionally sent out around major holidays, e-card sightings had been few and far between for some time - up until the past quarter. "Kaspersky Lab has again detected these malicious mailings, this time targeting the prominent American greeting card company Hallmark."
Another long-forgotten tactic employed by spammers, random text, was also detected over the past quarter. "In Q1 2013, one of the tricks used by spammers was 'white text', which is essentially random text added to the bottom of an e-mail, where the colour of the text is the same as the background colour."
Kaspersky Lab says this quarter, spammers used roughly the same trick. "They added random text, but this time they didn't even bother to make it 'invisible'. Instead [they] just separated it from the main body of text with a large number of empty lines."
Typical of spammer bait, all of the texts were taken from news stories. Kaspersky Lab explains: "While an e-mail might start out with a bright photograph advertising a certain service, if the recipient scrolled all the way to the bottom, he would find an excerpt of a news story on Hugo Chavez, the Boston Marathon, or the war in Korea in fine print."
Money-making
Loophold Security Distribution MD Martin Tassev points out that money is the driver of spammers, who he says are mostly sales people looking to sell products and services. While not all spam is intrinsically threatening, Tassev says it is one of the age-old banes of the connected community.
"It is annoying and wastes time, takes up disk space and can slow down the network."
Kaspersky's report concurs spammers are ultimately after revenue and, because the biggest profits are generated from malicious spam, they often resort to using a variety of tactics and social engineering.
"Different types of spam generate different amounts of revenue for spammers. Your typical advertising mailing for a small business will bring in a certain amount of money, while advertisements for Viagra, for which the spammer earns a commission for each client who clicked on the link in the e-mail and made a purchase, is paid at a different rate."
The firm points out, however, that an infected computer is worth considerably more than a Viagra purchase. "Spammers are particularly interested in making sure that a malicious program gets onto a computer."
Corporate con
As far as malicious spam goes, Kaspersky's report shows corporates were targeted over the past quarter. The company says spammers used the element of trust and familiarity to lure corporates.
As far as malicious e-mails go, says the firm, "Absolutely all of these were disguised as auto-replies, ie, delivery failure notifications, or notifications of the arrival of an e-mail, fax, or scan.
Kaspersky says malicious users expect corporate employees to "skim over the details, assume the e-mail is legitimate and open the attachment - releasing a malicious program".
Many other malicious e-mails, reveals the report, fake automatic notifications of the arrival of a new scan or fax document.
"Next, of course, another sophisticated spammer trick is to bring up data security. One of the e-mails Kaspersky Lab saw this past quarter imitated a message from Citigroup and told recipients that they had an encrypted message waiting for them."
Kaspersky says phishing attacks have seemingly taken on a more organic form. "More and more often these days, phishers are wary of relying solely on the human factor and are less willing to wait for users to enter their own data. Instead, malicious users are now sending out malicious e-mails seeded with Trojans that steal usernames and passwords, including for online banking accounts."
The firm notes that malicious attachments are not only found in e-mails masquerading as forms for Facebook and other popular online resources. "They can also be found in e-mails disguised as official bank messages."
The general distribution of organisations targeted by phishers remained relatively unchanged from the previous quarter, says Kaspersky. The number of attacks launched against social networks fell by 3.3%, and the percentage of attacks against financial organisations increased by 1.2%.
Kaspersky notes its recent report is the first to show stabilisation in spam traffic, with many fluctuations in spam numbers having trended over the past years.
"Kaspersky Lab expects that the percentage of spam will remain at this level in the future."