Symantec has once again delivered us the company’s monthly spam report. We dig through the facts and figures to tell you what’s changing in spam, and why.
The last few weeks have made up a particularly heavy month for spam, with junk mail making up 81% of all emails sent, an increase of 3% from last month. The USA proved by far the largest country of origin, responsible for 23.5% of the spam, with Russia and Turkey trailing far behind with 6% and 5% only.
This month also saw anti-spam services throttling massed webmail coming from Gmail, Yahoo! and Hotmail, following increased use of the webmail services by spammers. Recent months have seen automated attacks from spammers that break the CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) that webmail services use to prevent automated account signups, allowing spammers to use free webmail accounts to send spam. A commonly used CAPTCHA requires humans to decipher a string of letters that are warped so as to prevent automated reading.
A system many spammers have previously relied on to get around CAPTCHAs involves the hiring of sweatshops in India. Bots are created that sign up for accounts before sending the required puzzle to humans paid as little as $4 a day.
Another spam technique that saw an increase in popularity this month was backscatter, a method which allows spam to bypass many antispam filters. The sender simply places the target recipient in the ‘from:’ header, and then a random email address in the ‘to:’ header, so the spam fails to reach its target and bounces straight back to the sender. If you see any junk mail in your inbox that appears to have been sent by you, this is the reason why.
Other trends to watch out for include a rise in spam which mimics automated emails from social networking sites, and scam emails that gather personal information under the pretence of offering prize tickets for the 2010 South African World Cup. The spam landscape proves once again that if it’s popular, it’s going to get exploited.
Thanks again to Symantec for the info.
Follow us on
