by Jeremy Nigh on July 29, 2009
A recent report from Messagelabs shows that spammers are now utilizing automated translation services to translate their messages into other languages, allowing for them to target more countries with the same content with little extra effort on their part.
Free, online translation services have become a favorite of 419-type advance-fee fraudsters. Only recently though, have general spam senders also adopted these tactics as their own. Some countries who have enjoyed better email security before now are seeing a dramatic rise in the level of spam due to the translation of messages into their native tongue.
Spam levels in Germany and The Netherlands have risen by 13% since May of this year, with spam now representing over 95% of all email traffic globally. According to the report, “…in Germany 46.5% of all spam is in German and 2.5% in French. In The Netherlands, 25% of spam is in the Dutch language while in France, 53% is in French and 4% in German. In Japan, 62.3% of the spam is found to be in Oriental non-English languages and in China, this number is 54.7%.”
Despite the influx of non-English spam, however, the report also shows that around the world most spam is still targeting the English language. In July only 1 in every 20 spam messages was in a non-English language.
by Jeremy Nigh on July 23, 2009
According to a mid-year report from TRACElabs, spam is at it’s highest level ever. Previously the highest level recorded was in July of 2008, so this trend suggests that spammers really kick things into high gear during the summer months, and they don’t care one bit about the actions being taken against them.
“The clear message spammers are giving us is that they are unimpeded by the efforts of law enforcement and the security community,” says TRACElabs senior researcher Phil Hay.
With the recent FTC crackdown on Mocolo and 3FN the volume of spam did slow considerably. However, these latest reports show that spammers have hunkered down and brazenly developed better and more resilient systems for keeping themselves in business. According to Hay, “The crime groups running the Waledac, Rustock, Pushdo and Grum spamming botnets continue to be very strong.”
The report also shows that:
- More than 30% of all spam last week came from Asian countries after Vietnam overtook traditional spam powerhouses China, Turkey and Russia for the first time ever.
- Brazil continues to dominate with over 15% of all spam, followed by the USA with 10%.
- Just three specific institutions were the focus of 99.5% of all phishing activity last week: eBay, Bank of America and Comerica.
So despite the fact that organizations are investing more time, money, and resources into the spam problem, the spammers continue to relentlessly pound the unprotected email user with wave after wave of unsolicited messages. These high numbers serve as a reminder that the spam epidemic is not going to disolve anytime soon, so this blogger recommends that you find a good email security service and ride out the storm in comfort.
- Just three specific institutions were the focus of 99.5% of all phishing activity last week: eBay, Bank of America and Comerica.
by Jeremy Nigh on July 22, 2009
Does spam actually return any profit to companies that hire spammers to push their product? Believe it or not it does. Why? Because a decent percentage of individuals actually click spam messages in their inbox.
Recently the MAAWG (Messaging Anti-Abuse Working Group) asked North Americans if they had ever responded to a message they believed to be spam (note: we’re assuming their respondents did not have an email security solution in place). Out of the 800 people surveyed 12% confessed to doing so because they were actually interested in what the spam had to offer. “Big red button pressers” represented 6% of the total respondents, saying that they have clicked on spam “just to see what would happen”, while another 13% said they “unknowingly” clicked spam.
That’s a 31% click-through rate! With such a high rate of success, I think it’s safe to say that spam is going to stick around for a while.
by Tim Sullivan on July 17, 2009
As mentioned in a previous post, the recent story concerning Governor Mark Sanford’s extra-marital affair highlights the need for effective email security. So, what is the key to effective email security?
The answer is layering. It has become an industry best practice to have a layered security approach when it comes to email. Typically, layers of security begin with a cloud based service (like Mailprotector) followed by an appliance (both protecting the email server).
There are other keys to layering, however, including encryption and email best practices. Recently we talked with Ira Victor of the Data Security Podcast about these issues. have a listen »
by Jeremy Nigh on June 30, 2009
Michael Jackson’s death last week left a mourning fan base of gargantuan proportions. Fans of the “King of Pop” (one of which this writer is not) have expressed their grief and sentiments through email, youtube, twitter, and various other social and Internet-related media in a way rarely seen before. But for many, their state of sadness has left them vulnerable to email and web-based attacks.
It’s no secret that spammers and malware creators can always be counted on to deliver a bevy of non-benevolent business when a phenomenon such as this reveals itself. At only 50 years old, nobody (least of all the average spammer) expected MJ to die so suddenly. Subsequently, Micheal Jackson email scams got off to a slow start, but over the past weekend attacks have ramped up significantly. Have a look at an actual Mailprotector quarantine page to see some of the spam we’ve stopped over the past 3 days:
A quick Mailprotector quarantine search for the words "Michael Jackson" yields quite a few results.
It’s not really surprising. Spammers have always had a propensity to follow the buzz of current trends and hot news stories. They’ve learned what works, and focusing on current events works very well for them. The Michael Jackson death story is the latest “easy target” scenario, but be forewarned that spammers never stop looking for creative ways to get to your inbox, so it’s important to take proper measures to ensure you’re protected from the Bad stuff.
The best way to keep safe is to use an email security service (such as Mailprotector) that provides an exchange spam filter, which tells spam messages to Beat It before they even get to your email server. If such a service is not an option for you, however, you can always take the common-sense approach to protect yourself:
- Always be very careful to only open email from trusted senders
- Never click links in emails that seem even remotely suspicious
Better safe than sorry is always the way to go when dealing with potentially harmful email. The Michael Jackson spam attacks will subside, but if history is any indicator the next spam-inducing current event is just around the corner, and for those of us in the email security industry it promises to be one heck of a Thriller.
by David Setzer on June 8, 2009
Here is a great article I picked up from one of our Twitter followers. It does an excellent job of explaining the two different cultures and types of blackhats responsible for the spam, malware and other cyber-threats today. Having been in the email security business for almost 10 years now we see the effects of these types of thugs and can deduce much of their makeup but this article really nails it.
It’s interesting how human nature never really changes. This is nothing more than the 2000’s version of your pick pockets and organized crime of 1930’s Chicago or New York.
