False Notifications from Social Networks used for Huge Spam Attacks

According to the report published by security firm Kaspersky Lab, for the second quarter,Q2-2010, one of the major happening during the second quarter Q2-2010, was an exceptionally huge mass mailing which applied HTML-based attacks as emails pretending to be authentic social networking notifications.

An email was dispersed which disguised itself as a notifications from social networks, email suppliers and famous websites like Facebook, Twitter, Digg, etc. These emails were much similar of phishing attacks. Anyhow, if any user clicked on the link, he would be directed to a compromised site, which leads to downloading of some malicious script.

Quite often, these links apply Trojan-Downloader.JS.Pegel.S, a Trojan which is most commonly found malicious program, detected in almost every unsolicited correspondence in Q2-2010. Such trojans are HTML pages that includes summery written in Javascript.

In all, the spam percentage in mail traffic, in Q2 - 2010, was accounted up to 84.4%, a decline of 0.8% as compared to previous quarter, Q1 - 2010. The maximum spam levels were detected on 18th April (2010), 9th May (2010) at 89.8% and the lowest was recorded on 20th April (2010) at 79.2%.

During the first half of May, 2010, the maximum amount of spam in mail traffic was detected, basically due to the less amount of authentic email in the holiday season. Around 0.02% of all emails carried links to phishing sites. Also, the amount of graphical attachments accounted up to 10.3% of all the emails.

Though the rate of spam having graphical attachments found to be 10.3%, still it is 1.4 percentage points lesser as compared to the previous quarter, Q1-2010. The highest number of graphical spam is detected in April, 2010, at 12.53%.

Regarding these findings, Kaspersky Lab revealed that in Q2 -2010, the course of spam criminalization and of the understanding between the spammers, scammers and virus writers was very much evident in spam mailing in June, 2010. Such techniques have already become common and will keep on being popular in the future.

Related article: Flaws Detected in Yahoo Music Jukebox

» SPAMfighter News - 8/10/2010