Spam emails rocketing

Internet users had to cope with rocketing levels of spam last month, along with a number of phishing attacks and the arrival of a new botnet.

The gloomy news from Messagelabs' Intelligence Report for May 2008 showed that spam levels are increasing; levels reached 76.8 per cent of all emails last month, which the security company said have not been experienced since early 2007.

According to Messagelabs, the rise is due to the change of tactics adopted by the spammers who are moving further away from reliance on new and undetectable email attachments. Instead they are exploiting free, mainstream hosted services such as Google Docs, Calendar and Microsoft SkyDrive, which are not filtered by traditional spam filters.

Mark Sunner, Messagelabs' chief security analyst, said: “The savvy, intelligent and accurate cybercriminals of today seem to have abandoned the attachments tactic that was so innovative in late 2007 and are now focused on exploiting free hosted applications which have become mainstream in 2008.

“The spammers are taking advantage of the fact that these services are free, provide ample bandwidth and are rarely blacklisted; this is one more addition to the growing list of ways the spammers have succeeded in outsmarting traditional detection devices.”

In addition to the variety of new spam techniques, Messagelabs also identified several new phishing exploits and a challenger to the Storm botnet this month. Although Storm is still a huge threat, accounting for more than 81,000 copies of a new wave of malware with the file name iloveyou.exe, Messagelabs believes that the Srizbi botnet poses a serious challenge. It accounted for 40 per cent of all spam last month.

It has been used by phishers to take advantage of the Central Bank in Missouri’s ‘Go Green’ campaign to lure recipients into sharing their bank details in order to register for eStatements.

The company also uncovered evidence of phishing attacks claiming to be from HSBC bank which purported to be a secure connection via an https. However, closer inspection revealed that it was actually a standard http link to a domain pretending to be the bank.

“If the distribution of malware by Storm this month was successful, we could expect to see a renewed deluge from Storm next month and further competition between Storm and Srizbi,” said Sunner.

The report also shows the continuing problem of infected websites. Messagelabs also identified an average of 1,311 new websites per day harbouring malware and other potentially unwanted programs such as spyware and adware, an increase of approximately 100 per day compared with the previous month.