Spammers Can’t Wait for Christmas, Look to Corner the Coal Market

If Santa Claus exists (he does) and truly keeps a list of all the naughty little boys and girls (he does), then spammers had better not pout and better watch out this Christmas season. While they aren’t the very worst people in society, spammers are pretty close, and there’s little doubt that after murderers, rapists, child molesters and marketing people, spammers fill out the top of Santa’s list. And as much as the energy producing community would like you to believe that oxymorons like  ‘clean coal’ are a euphemism for responsible environmental practice, coal is indeed a dirty business and spammers appear to be lined up to receive a buttload of the nasty stuff when the jolly old elf makes his rounds near the end of the month.

Spam on the Rise

According to Kaspersky Labs’ spam report for October, spammers got a head start on holiday spam, using the holiday season as well as the names of some well-known telcos and the conflict in Syria in an attempt to separate people from their hard-earned money. Not wanting to stop there, however, spammers also pitched magic – yes, you read that correctly. Apparently, love spells and incantations are in vogue this holiday season, and according to Kaspersky, spam rose 6.6 percentage points in the month of October, bringing global spam traffic to 72.5% of all emails sent in the month.

According to the report, Trojan fraud is the most popular malware of all malicious links or attachments sent via email, imitating a phishing HTML page and distributed by email, mimicking notifications from commercial banks, e-stores and other online services. “ Once users land on the site, they are prompted to enter their credentials – which are immediately forwarded to the fraudsters, jeopardizing the victims’ confidential information.”

Second in rankings during the month of October was Trojan Fareit, a “malicious program designed to steal logins and passwords from compromised computers.“ The mail worm that sounds like a breakfast treat, Bagle, landed at third place, regaining some ground after tailing off earlier in the year. Bagle “self-proliferates to addresses in the victim’s address book. It can also download other malicious programs onto a computer without the user’s knowledge.”

Telcos are People, Too

(Well, not really. They’re big businesses that suck people’s wallets clean) As mentioned previously, Kaspersky has detected a trend where fraudulent spammers are using popular telcos as a way of proliferating their nastiness. In September, Kaspersky notes, spammers used the name of the BT Group (UK) to distribute Trojan downloader Dofoil, and in October they used one of Canada’s telecom providers, Telus Mobility, to spread the hate. “An attached ZIP archive contained Trojan Zbot, a malicious program designed to steal users’ banking information. The fraudsters use rootkit technologies which allow them to successfully hide their executable files and processes from the system (but not from antivirus programs).”

Show Me the Money!

In the ‘tell me something I don’t know’ department, what we’re seeing here is the continued and increasing wiliness of the spammers, utilizing multiple methods and more sophisticated tricks to ensnare their victims. “The fraudsters are looking for new ways to trick users and are actively expanding their list of high-profile company names for use in scams,” says Tatyana Shcherbakova, Senior Spam Analyst at Kaspersky Labs.

And there’s no coincidence that we’re seeing a ramp-up now. With October representing the symbolic beginning of the long trek toward the holy grail of the retail world – Christmas – and holiday creep slipping into September, the spammers are thinking exactly what retailers are when it comes to consumers. They’re distracted and probably so stressed about the holidays that they become vulnerable to any pitch at any time. Money, credit, family, travel, weather, and numerous other stressors are heaped upon us, and time suddenly seems to double in speed as the end of the year comes careening in.

To make matters worse, email marketers, the cardiac-challenged siblings of malicious spammers, are taking to the Internet in record numbers to ramp up the sales that retailers feed off of like they were Rob Ford and the sales were a crack pipe. It’s no secret that email marketers are little better than their fraudulent twins, and there’s no more dangerous time for your wallet than the weeks leading up to year-end.

With all that being said, the hope is that, whichever holiday it is you choose to celebrate, you and your employees have a safe and happy one, and that spammers everywhere get a nasty case of black lung.

Leave a Reply