Home & Office

Sophos: Spam to get more malicious

Cybercriminals moving away from traditional spam tactics such as drug ads to targeted e-mail attacks containing links to "poisoned Web pages", security vendor observes.
Written by Vivian Yeo, Contributor

Spam is becoming more malicious in nature as trickery tactics change in line with current user interests, according to a new report released Tuesday by Sophos.

The security vendor's "Dirty Dozen" report, reviewing global spam trends between October and December 2010, noted that more unsolicited e-mail messages were spreading malware and attempting to trick unsuspecting users into giving confidential data such as user names and passwords.

Sophos also noted an increase in more focused, targeted e-mail attacks, or spear-phishing. Cybercrooks continued to seek victims via social networks, with a growing number of reports of malicious apps, compromised profiles and unwanted messages spreading across social networking sites such as Facebook and Twitter.

"Spam is certainly here to stay, however, the motivations and methods are continuing to change in order to reap the greatest rewards for the spammers," Graham Cluley, senior technology consultant at Sophos, said in a statement. "What's becoming even more prevalent is the mailing of links to poisoned Web pages--victims are tricked into clicking a link in an e-mail, and then led to a site that attacks their computer with exploits or attempts to implant fake antivirus software."

Traditional spam messages touting pharmaceutical products have not gone away either, Sophos noted. Tens of millions of Americans are believed to have purchased drugs from unlicensed online sellers, it added in the report.

Cluley noted: "As long as spammers continue to make money from these schemes, Internet users can be sure that they'll continue to receive unsolicited e-mail and social networking scams.

"To combat this, it's essential that computer users remain wary of clicking on unknown links, regardless of whether they appear to be on a trusted contact's social networking page."

US reigns as spam king
Europe and Asia were the top two continents of spam origin, with a combined share of 64 percent, while the United States continued to be the country responsible for the most junk e-mail. The U.S. accounted for 18.8 percent of spam messages worldwide in the previous quarter, and continues to be plagued by bots, or zombie PCs that are remotely controlled by hackers, Sophos said.

Three Asian nations made the latest Dirty Dozen list: India took second spot with a 6.9 percent share of spam relayed between October and December 2010; South Korea was No. 8 with 3 percent; and Vietnam, which accounted for 2.8 percent, clocked in at No. 10. The three countries have consistently been ranked among the Top 12 over the last year, according to Sophos.

Editorial standards