Spammers would rather switch than fight, says Commtouch

The change in tactics by spammers has emerged as spam levels dropped dramatically after the takedown of high-profile botnets, such as Rustock, Commtouch's Internet Threat Trend Report found.

Spam levels averaged 113 billion messages per day during the second quarter of 2011, the lowest in three yeas, according to Commtouch. The company said its report reflects the results of its analysis of billions of Internet transactions daily within the company’s cloud-based GlobalView Network.

“Our experience with these things is that once the botnet goes down, the spam levels drop. And then they subsequently shoot up again after a few weeks. But this time we saw spam levels stay at the relatively low levels they dropped to”, said Avi Turiel, director of product marketing at Commtouch.

“We have seen a lot more usage by spammers of compromised accounts…where they have stolen user credentials, logged into legitimate users’ accounts, and sent spam from these accounts”, Turiel told Infosecurity.

“When you are sending spam from someone’s Yahoo account, you can’t send thousands of emails because Yahoo picks that sort of thing up. So you are seeing less amount of spam, but it is still there. This explains why spam is down”, he added.

The most popular spam topic in the second quarter was pharmacy ads, although these now represent only 24% of all spam, down from 28% in the first quarter.

Approximately 377,000 zombies were activated daily during the second quarter, a significant increase compared to the 258,000 zombies in the first quarter. India kept its title as the country with the most zombies – 17% of all zombies worldwide, according to the report.

Another trend identified in the report was the attachment of malware to bogus emails from UPS or the Internal Revenue Service (IRS).

“At the end of June, people started to get emails purportedly from the IRS, saying ‘Your electronic payment has been rejected’. We believe that it has been a very successful attack because we saw an exact replica the week after and again last week….Even if you are a computer savvy person, if you get this email...most users would throw caution to the wind and click on anything to find out what’s going on”, Turiel said.

In addition, Facebook is continuing to be abused for malware attacks as more and more consumers expand their use of the social network, the report found. For example, Facebook malware tricked users by promising applications that reveal who was viewing their profiles as well as Osama Bin Laden death videos.

What’s Hot on Infosecurity Magazine?