Significant rise in malicious spam and phishing

Posted by   Virus Bulletin on   Apr 11, 2012

Over one quarter of malicious emails contain eight-year-old malware.

Email security firm eleven has reported a significant rise in both malicious emails and phishing emails in the first quarter of 2012.

In its latest quarterly report, the company says that while spam levels stayed more or less constant, the volume of emails with malware attached to it increased by over 80%. The volume of phishing emails increased by more than double that rate.

With about one quarter of spam advertising (fake) pharmaceutical products, pharma spam continues to be the most prevalent. The company also noticed a significant rise in casino spam in recent months, which now accounts for close to one fifth of all spam. The third most common subject in spam messages was fake luxury goods.

Given its notorious reputation and the many variants that exist, it will come as little surprise that Zeus (also known as 'Zbot') was the malware family that was most likely to be attached to emails; two Zeus campaigns alone accounted for more than one third of all malicious spam. More surprising was the fact that more than one in four malicious emails contained a variant of the 'MyDoom' worm: MyDoom was first seen in January 2004 and should thus be detected by any anti-virus product - even those that have not been updated for a long time.

For a long time it had been believed that malicious spam was a thing of the past and that spam filters and anti-virus products together made email a less attractive method for cybercriminals to spread malware. However, the volume of malicious emails saw a sudden spike in August 2011, and this trend has continued, with spammers using various credible-sounding subjects to trick the recipients into opening the attachments. On a much smaller scale, the use of malware attachments in targeted attacks also continues to be a problem.

More at eleven's website here (in German).

Posted on 11 April 2012 by Virus Bulletin



Latest posts:

First 11 partners of VB2019 announced

We are excited to announce the first 11 companies to partner with VB2019, whose support will help ensure a great event.

VB2018 paper: Fake News, Inc.

A former reporter by profession, Andrew Brandt's curiosity was piqued when he came across what appeared at first glance to be the website of a small-town newspaper based in Illinois, but under scrutiny, things didn’t add up. At VB2018 he presented a…

Paper: Alternative communication channel over NTP

In a new paper published today, independent researcher Nikolaos Tsapakis writes about the possibilities of malware using NTP as a covert communication channel and how to stop this.

VB2019 conference programme announced

VB is excited to reveal the details of an interesting and diverse programme for VB2019, the 29th Virus Bulletin International Conference, which takes place 2-4 October in London, UK.

VB2018 paper: Under the hood - the automotive challenge

Car hacking has become a hot subject in recent years, and at VB2018 in Montreal, Argus Cyber Security's Inbar Raz presented a paper that provides an introduction to the subject, looking at the complex problem, examples of car hacks, and the…

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.