News

Researchers Expect More Spam for the Holidays

• By Stephen Swoyer
• 11/10/2009

The sharp decline in spam volumes that attended last November's shutdown of the notorious McColo hosting provider seems to have come to an end. Spam levels increased steadily in both August and September, a trend that continued in October, according to the latest research.

With the holidays -- long a fruitful phishing ground for spammers and other malcontents -- fast approaching, spam levels seem to have rebounded to pre-McColo levels, and that has some security researchers worried.

Spam accounted for 88.1 percent of all e-mail volume in October, an increase of 1.7 percent over September, which in turn saw increased spam volume relative to August. Researchers warn that with Thanksgiving, Christmas, Boxing Day and New Year's on tap, spam levels will increase further still.

Spammers are nothing if not proactive, noted researchers from security specialist and Symantec subsidiary MessageLabs. Like many retail shops, spammers are already pitching Thanksgiving-, Christmas- and even Valentine's Day-themed mal-mailings.

"Thanksgiving and Christmas are both important times in the spammers' calendars, and MessageLabs Intelligence has already identified a significant number of spam messages relating to these holidays," wrote MessageLabs researchers.

"To date, [holiday-related mailings] accounts for approximately 2 percent of all spam. More than 2 billion Thanksgiving- or Christmas-themed spam e-mails are projected to be in circulation globally each day," they continued. "It is worth noting that MessageLabs Intelligence has also been tracking the first runs of St. Valentine's Day spam more than 3 months before the occasion...Again sent from the Cutwail and Rustock botnets, these spam messages relate to pharmaceutical and medical spam."

There's a bright spot, however: Phishing attacks in the English-speaking world are less prevalent. One possible explanation, researchers say, is that fewer trusted phishing toolkits are readily available. Call it a case of malware biting its malicious architects.

"Toolkits such as Zbot or Zeus used to be preferential for those cyber criminals who could afford to buy them, until they fell into the public domain and became plagued by hidden backdoor Trojans. The Zeus toolkit can be used to create highly customized botnets, phishing attacks, and identify theft and other malicious activities," the researchers wrote.

On the other hand, phishing activity in non-English-language mailings is almost certainly increasing. Phishers also appear to be broadening the scope of their attacks, targeting Web-based e-mail services in addition to bread-and-butter financial services. "Phishing attacks in languages other than English appear to be increasing, and languages such as French and Italian are becoming increasingly popular for phishing attacks," the researchers wrote.

"Although the financial sector is the most common target of phishing attacks, online services such as Web-based e-mail are also popular. The reason for this is perhaps the widespread use of e-mail addresses being used to authenticate other sites, especially social networking sites, online retailers and auction sites."