Chinese Domains Major Source of Spam
Security vendor Symantec has published statistics that show a considerable increase in spam generating from the IP domains in China.
According to a report declared on August 13, 2007, there was sharp rise in spam mails linking to URLs that have ".cn", the TLD (top-level domain) for China. These spam domains increased from almost zero to 450 during July 2007.
One reason why Chinese domains are growing in popularity is the blacklisting of TLDs from other nations. Therefore, spammers register TLDs from countries that are not yet blacklisted. There is also a trend of localizing spam for specific markets being targeted, the report concluded.
The statistics in the report also showed a drop in image spam. In July 2007, about 10% of spam mails were image spam against 50% in June 2007. There was also a decline in spam using '.hk', the Hong Kong TLD, perhaps because of the recent enforcement of anti-spam legislation in that country.
However, with the decrease in the volume of image spam, spammers are using other forms of attachments, such as greeting cards spam, which was at the top of the list. In July 2007, more than 250 Million e-card spam mails were sent out that contained Trojan links, which, on clicking, would download the malware onto the computers. On around 4th July 2007, there was a particularly massive attack. Such e-greeting cards have an exposed IP address, which indicates that the card is not safe.
Financial spam like stock promotions accounted for 18% of all spam in July 2007 making an amount larger than computer or Internet goods and services.
The report noted that spammers are now using PDFs in their e-mails because just like image spam, enterprises and ISPs find them difficult to decode. Further, they are two times more in size than the average message.
The average amount of spam in July 2007 was 66% of total e-mail, same as of June 2007. PDF spam went on to rise to 8% of all e-mail. Though less in number, the ZIP-file and Excel spam were new attachment types indicating how crafty spammers are in avoiding anti-spam filters.
Related article: Chinese Hackers Threatening Korean Game Sites
» SPAMfighter News - 29-08-2007