Spam reducing, but social media phishing is soaring says Symantec

The study shows that global spam volume was down 22.5% month-on-month in October, and down over 47% compared to August.

The IT security vendor points to botnet shutdowns - including the Zeus ring and - as contributing to the drop. The Netherlands, the report notes, was central in this regard by taking down several servers controlling the Bredolab botnet.

However, whilst spam continued its decline, phishing attacks continued to increase, with social network users as targets.

In October, says the report, the number of phishing sites on social media increased significantly by about 80% compared to the previous month. As in September, the majority of the phishing websites spoofed two brands. Phishing on these two brands combined comprised nearly 98% of all phishing on social media.

Delving into the report reveals that Symantec's researchers have observed a variety of spam using the holiday angle during October, suggesting that Christmas has come early.

These spam angles include replica merchandise, online pharmacy, and even the 419-type Nigerian scam.

Interestingly, Infosecurity notes that the political category of spam increased to 1.4% during October, which the report says was probably due to the then impending November 2010 US elections

When it comes to spam subject lines, the report says that leisure category doubled month-over-month. Five subject lines in the ranking were related to the leisure category, the report adds.

Based on its analysis, Symantec says that internet users should not open unknown email attachments, as they could infect your computer.

Users are also advised not to reply to spam. Typically the sender's email address is forged, and replying may only result in more spam.

And, the report adds, users should never fill out forms in messages that ask for personal or financial information or passwords. A reputable company is unlikely to ask for your personal details via email.

"When in doubt, contact the company in question via an independent, trusted mechanism, such as a verified telephone number, or a known internet address that you type into a new browser window", says the analysis.

Finally, says the study, internet surfers should not buy products or services from spam messages, open spam messages, or forward any virus warnings that you receive through email, as these are often hoaxes.

What’s Hot on Infosecurity Magazine?