Bogus IDs for Gmail spam Disseminate Malware
Commontouch, In its quarterly 'Internet Threats Trend Report' published on April 14, 2010, highlights that spammers have set up false Gmail accounts, and are using them to exorbitantly spam inboxes, causing 'Gmail.com' to be the most exploited Internet name.
E-mail IDs are typically falsified so as to dodge spam filters, while the addresses appear reputable and authentic. Merely 1% of spam e-mails distributed from Gmail IDs have, in fact, genuine Gmail accounts as their source. Moreover, this tiny proportion probably represents spammers' own as well as hijacked Gmail accounts. In general, 5-10% of the total junk e-mail seems to have Gmail accounts as their origin, says Commtouch.
Security researchers, while commenting on these findings, stated that spammers have gained expertise at abusing domain names that are most popular to make their innumerable messages look legitimate.
Phishers and spammers often use Gmail's e-mail pattern, and also the message style of Facebook and PayPal to create standard templates in their attacks. During Q1 2010, users of Google and Blogger were attacked with a phishing campaign which used a template that employed ways to successfully hide the e-mail message's "phishy" character.
From January-March 2010, 83% of the total e-mails were spam, reaching a peak of 92% by March-end after being lowest at 75% when the year began. Considering the day-to-day trend, 305,000 compromised PCs that hackers added to botnets were used to leverage harmful operations. Incidentally, Brazil generates the maximum number of zombie (compromised) PCs, 14% of the world aggregate.
Needless to say, the security firm added, porn and adult websites are at the greatest risk of becoming contaminated with malware. This is in contrast to them not being the greatest contaminated category prior to the past quarter.
Asaf Greiner, Vice-President (Products) for Commtouch, said that cyber-criminals and spammers rely on trial and error methods for achieving their objectives, as per the news published by MarketWatch on April 14, 2010. The VP further states that the said attackers continuously test new methods for enticing their victims. These methods vary from utilizing known domains and formats to developing completely new techniques for invoking response, he adds.
Related article: Bugs Swell In Browsers in 2006
» SPAMfighter News - 27-04-2010