The Register® — Biting the hand that feeds IT

Feeds

Junk email volumes hit high

Spam volume increases despite swine flu

By John Leyden, 27th May 2009
  • print
  • alert

Regcast training : Hyper-V 3.0, VM high availability and disaster recovery

Nine in ten emails in circulation are spam, according to the latest stats from email security services outfit MessageLabs.

The abuse of free hosted domains is playing a major role in clogging users' in-boxes with get-rich-quick scams and penis pill offers, MessageLabs reports. The security services arm of Symantec noted that junk mail levels reached 90.4 per cent during May. That figure includes email from "new and previously unknown bad sources" so the actual raw figure is probably even higher.

Most of the spam detected in May had little content beyond a subject line and valid hyperlink, sometimes linked to profiles on social networking websites. Often junk emails were sent through valid webmail hosting providers, rather than using spoofed addresses. Other rudimentary filter-evasion techniques include the use of Russian language characters in spam messages.

"As spam levels continue to increase, we are seeing existing attack techniques combine and morph into one," said Paul Wood, MessageLabs Intelligence senior analyst at Symantec. "In 2008 CAPTCHA-breaking, social networking spam and the use of webmail for spamming all became popular tactics. Today, the bad guys are using the three together as a triple threat to heighten the effectiveness of their spamming."

MessageLabs also looked into the time when recipients were sent the greatest volume of spam, a metric that varied with geography. US residents tended to see spam peak between 9 and 10 am local time, before dropping overnight, while Europeans are more likely to receive a steady stream of junk mail throughout their working day. Over in the Asia-Pacific region, by contrast, spam tends to come in overnight.

The study also looked at locations harbouring malicious content, finding that the majority (84.6 per cent) of web sites blocked for harbouring malware during May were well-established domains more than a year old. In May, 7.0 per cent of email-borne malware contained links to malicious sites.

"Spammers using better-known and thus more widely trusted web sites to host malware is reminiscent of the spammers who rely on well-known webmail and social networking environments to host spam content," Wood said. "The trustworthy older domains can be compromised through SQL injection attacks while newer sites are more likely to be flagged as suspicious – a temporary site set up with the sole purpose of distributing spam and malware – and thus faster to get shutdown."

MessageLabs complete report can be found here. ®

Agentless Backup is Not a Myth

COMMENTS

House Rules Send Corrections
All Reader Comments (26)
Latest Comments
Anonymous Coward
Anonymous Coward

The Problem With Spam

is the idoits who are real hits... who actually do want the tat that is being sold. as a 0.01% hit rate makes all the rest justifiable...

I do not like spam. I will not buy from any company that emails me, at all regardless. As I do not wish to be in that 0.01% that are the hits that make spam for the rest of us.

I also refused to send emailshots for my employer on principle, (I still have my job and have not been asked again).

0
0
rob hindle

Only 90% who are they kidding?

Set a catch-all address on a domain and there's a good chance you'll get a lot more than 90% junk, I've seen cases where not only do spammers send to every common forename @ but also to all 4 letter combinations @.

I think many of those never get spotted by the people who provide these low figures of only 90% because they get blocked before hitting spam filtering. Also the figures are probably distorted as they come from the likes of messagelabs whose users are a pre-selected bunch of relatively sophisticated users and big spenders, not the small businesses who've never even heard of messagelabs and use much less sophisticated spam filtering.

At one point I set the catch-all for a high visibility domain name to a gmail account - it ran out of space in a week (that was when Gmail could only store 1GB - about 250,000 messages if I recall...).

If that's a common experience I guess most of the internet "backbone" bandwidth is being used for spam. Everything would be faster and cheaper if spam could be killed.

0
0
Parax

Health Warning..

If you receive an email from the Department of Health telling you not to eat tinned pork because of swine flu - ignore it.

It's just spam.

0
0

More from The Register

breaking news
Number of cops abusing Police National Computer access on the rise
Only a telegram from the Queen can get you off it
132
breaking news
NSA PRISM snoop-gate: Won't someone think of the children, wails Apple
10,000 things probed, mostly about missing kids, Alzheimer patients, we're told
96
Flash flaw potentially makes every webcam or laptop a PEEPHOLE
But it's a Google problem - Chrome only, insists Adobe
59
breaking news
NSA PRISM-gate: Relax, GCHQ spooks 'keep us safe', says Cameron
Whatever they are up to, it's all above board, we're told
90
PRISM snitch claims NSA hacked Chinese targets since 2009
Snowden suddenly looks safer in Hong Kong after revelations
33
breaking news
US chief spook: Look, we only want to spy on 6.66 BEELLLION of you
Americans assured they are not in the NSA's sights
68
Speech-to-text drives motorists to distraction
Will talking to you mean I crash into that car up ahead, Siri?
30
breaking news
Yahoo! joins! rivals! in! PRISM! data! request! admission!
Keep calm and carry on using American tech firms, folks
41
DHS warns of vulns in hospital medical equipment
Has your doctor's anasthesia machine been hacked?
17
breaking news
'BadNews is malware' says outfit that found it
Google says code harmless but Lookout says code base is evolving
15