Symantec claims spam continuing its downward spiral

The report appears to confirm reports from the BBC and security researcher Brian Krebs, although the slightly bad news is that phishing volumes appear to be up.

Delving into the statistics from the report shows that March spam dropped by 27.4% in that month, along with a further drop of 5.4% in April.

This means that spam now accounts for 74.8% of all email messages – a significant drop on the 89.2% figure noted in April last year, Infosecurity notes.

Phishing levels, however, rose by 15.6% in April says Symantec, noting that this growth was fuelled by a rise in phishing websites created by attack kits, which increased by 26.2%.

According to the security vendor's report, many of the phishing attacks seen exploited the death of Osama bin Laden and spoofed legitimate media brands as the source to create trust and a feeling of authenticity.

These attacks, notes the report, attempted to trick users into clicking on links that supposedly led to uncensored photos and videos from the raid but instead pointed to malicious files or poisoned web pages.

Phishing attacks do appear to be taking over from spam, as the report notes that phishing emails that used unique URLs increased by 12.3% during April.

Phishing websites with IP domains instead of alphanumeric 'regular' web addresses, also increased slightly during April by about 5.5%, and web hosting services comprised 12.0% of all phishing, a massive increase of 10.3% from the previous month.

Interestingly, Symantec found that 89.0% of the phishing sites were hosted on free web hosting sites, whilst 13.0% were typosquatting – typosquatting refers to the practice of registering domain names that are typo variations of popular websites.

What’s hot on Infosecurity Magazine?