And who says there’s no love for spam?
Well, for starters, I do. And it’s a cinch that everyone who’s been on the receiving end of the nasty stuff won’t be buying Valentine’s Day cards for spam. But spammers must love spam. After all, if they didn’t, what would be the point of making everyone else miserable?
And those spammers must be having a great big pig roast right now (or whatever it is they do when they’re not spamming). Rumors of spam’s demise have been greatly exaggerated over the past few years, perhaps wishful thinking on the part of security analysts and IT experts who would just like to get home to the family and have a normal life. This we’ve known for a while. And the founder of that pig roast is a recent report which states that spam is on the rise again. And just when you thought it was safe to go back into the inbox, spam in the second quarter of 2013 jumped to over 70% of all emails being sent.
Security firm Kaspersky Labs just released its Q2 2013 spam report, and according to the report, spam between April and June increased by 4.2% to 70.7% of all email traffic during the quarter. Now, if that sounds like a lot, it’s because it is. Seven out of ten emails are spam, and that’s just not the news that anyone wants to hear, but as long as the spammers are making money – and we all know that spam and phishing are numbers games – spam will prevail, and it’s not going anywhere, except maybe past your spam filter and into your inbox.
Other notables in the report include that overall phishing numbers fell ever so slightly (from 0.0016% to 0.0024% between the first and second quarters), and that phishing attacks also registered a small decline, dropping one percent to 2.3% from quarter one to quarter two.
The report flags some interesting trends, too. Kaspersky noted an increase in malicious attachments, noting that different spam types offer different revenue streams for spammers. That malware continues to spike should be no surprise to anyone, considering that the results of malicious software can account for big payoffs for the spammers. According to computing.co.uk, “Trends listed by the Q2 report include the return of eCards containing malicious software. Previously common during major holidays such as Christmas and Easter, spammers have now started to send them out across the year, specifically targeting card company Hallmark.”
Corporate users should take note, too. Spams targeting corporate users were on the rise, with the report noting that these emails usually came in the form of auto replies like a delivery status notification, failed transmission, fax, scan, and the like. The report noted that, rather than use one type of social engineering attack, they mixed it up. According to the report, “that is exactly what makes these emails seem less suspicious. Malicious users expect corporate employees to skim over the details, assume the email is legitimate and open the attachment — releasing a malicious program.” The attachments to these emails contained a number of malicious apps, and interestingly enough, the fake attachments were crafted to look like they came from JConnect or an HP device, indicating that the spammers are getting even wilier by showing they understand their targets.
Spamfighter.com notes that “during June 2013 spammers actively used the name of Apple Founder ‘Steve Jobs’ in most of their spam.” Again, the spammers continue to get smarter and more targeted in the way they’re appealing to their ‘audience.’ And this is bad news for sysadmins, because it could mean that people will be more susceptible and will be lured more easily – especially in large organizations where the bar for vigilance and spam-ed may be set low due to the sheer number of users and the reliance on back-end infrastructure to catch the traps before they catch you.
Another old trick that’s reared its ugly head is the use of random text, but with a twist. But instead of using white text – text at the bottom of the message that was colored white to match the background – now the spammers haven’t even bothered to make it invisible, instead just separating it from the main text and pulling quotes from news stories, obviously with the intent of befuddling spam filters.
With back to school just around the corner and the holiday season looming in the coming months, this can’t be the news anyone wanted to hear. But if you’re like me, you’d rather know that the wolf is outside your door.
Time to reinforce that door.