Spammers Come Up with Technically More Superior Ruses
In the month of March 2008, spam reached a mean of 81% of the total e-mail traffic with an unprecedented peak of 88%. Compared to that, the first half of 2007 saw 65% of spam and the second half 70%, according to Symantec, the security software provider, in its "State of Spam" report for April 2008 as reported by ITweb on April 4, 2008.
Symantec also indicated that most of the unsolicited e-mails, around 23% originates from the US, with Russia securing second place by producing approximately 6% of the spam.
Additionally, the report highlights the rise of 419 scam e-mails on the 2010 Soccer World Cup. Usually, the 419 spammers refer to unclaimed property to entice their targets, however, they are now using the 2010 South African World Cup as a strategy to victimize users.
Another spam trend in April 2008 involves the conclusion of the US tax year this month. Some spammers are pretending to be representatives of the US IRS (Internal Revenue Service). One batch of these IRS frauds claims to notify taxpayers about their entitlement to refund provided they enter their payment card details on a Website that doesn't show the IRS URL. Another batch uses techniques of social engineering that convince recipients into downloading malware.
Symantec also cites another technique of spam that harnesses TurboTax, popular tax software used in the US for April 2008. In this, the spammer further recommends the user to load software updates in order to meet with the new IRS requirements. The immediate suspicion would relate to the 'From' details, which contains a '.cn' domain suggesting that the message might be from a business other than the IRS.
The second suspicion relates to the URL, turbotax.com/update that does not seem to be the TurboTax official site, but from a randomized and alphanumerically crafted URL that opens an empty page containing a pop-up asking to download some odd file.
Hence, according to Symantec, users could analyze the legitimacy of e-mails by relying on their commonsense. They should also use an e-mail security system that ensures up-to-date defenses against the entire package of online threats.
Related article: Spammers Continue their Campaigns Successfully
» SPAMfighter News - 11-04-2008