Just when computer users have been enjoying relatively fewer spam messages reaching their emails for sometime now, a security firm now reports that the annoying practice has reached a two-year high with a record spike recorded last fall right before the SpamIt operation ended. This time, the spam messages were not just annoying, they now carry malicious code in their attachments, luring unwary userd to open them like they used to and activate the malware.
Over the 2-year period, Spam traffic overall is now double what it was two years ago, according to the M86 Security labs, a private internet protection company focused on web and email security and content filtering products. Its recent report is based on its monitoring of spam levels at select domains.
At the company’s blog site, the company disclosed that after recent botnet takedowns, it has found that online criminal groups remain on the lookout to build their compromised sites or botnets to lure unwary browsers as well as distribute fake media content in the process. According to the site, “It seems spammers have returned from a holiday break and are enthusiastically back to work.”
The private report came hot on the heels of another report from Internet Security company Commtouch that disclosed the fall spike in email-attached malware has ended though future waves can be expected.
M86 further added in the blog that most spam incidents were generated by the Cutweil and Festi botnet sites with malicious spam accounting for 13% of all spams recorded last week, considered unusually high but was surpassed by a peak of 25% registered last Wednesday. It also revealed that many of the malicious spam were couched in fake email content from UPS. This concurs with the Commtouch findings that confirmed spams from Festi and Cutweil were about UPS messages with attached malware.
The M86 report also listed other botnets that send out other forms of malware in their email attachments. For instance, the Asprox botnet sends hotel transaction scams with password-stealing and fake antivirus attachments. In general, most in spam messages carried subjects on gambling, dating and pharmaceuticals, according to M86.