Posted by Virus Bulletin on Oct 24, 2012
80-fold increase in one month.
I do not think I am unique in that I can recognize (most) phishing pages from a mile away and that I know that, if I ever wanted to buy performance-enhancing drugs of any kind, I should not buy them through a link found in a spam message. However, that doesn't mean I can safely click on URLs in emails to see whether they link to something legitimate.
As someone who keeps a close eye on spam trends, I had noticed a recent increase in spam messages linking to drive-by download sites: websites that attempt to infect your machine, generally by exploiting a vulnerability in an outdated browser plug-in. Still, I was a little shocked when anti-spam firm Eleven reported that, in September, almost one in ten spam messages contained a malicious URL - an 80-fold increase since August.
Various reports have suggested that there isn't a lot of money to be made in commercial spam these days. The numbers reported by Eleven indicate that spammers are adapting quickly and, probably by using affiliate pay-per-install schemes, are finding other ways of making money through their vast delivery networks.
Most of the emails claim to come from well-known brands such as Amazon or LinkedIn - companies from which many users commonly receive emails. And an even more worrying trend is that of malicious spam sent from compromised accounts to the contacts in the victim's address book: who would think twice before clicking a link sent to them by a good friend?
Running a spam filter remains essential to keep most of these threats at bay. But for those emails that do make it through the filter, running (web) security software and applying security software patches whenever they become available is just as important.
More (in German) at Eleven's security blog here.
Posted on 24 October 2012 by Martijn Grooten