Symantec Report: spam and phishing in September 2012

Posted: October 16, 2012 in IT Security News
Tags: , , ,

Symantec CorpAccording to Symantec, in the past month, the flow of spam advertising, phishing and malicious messages increased slightly. The level of spam in email traffic was 75.0%, 2.7 points higher than in August.

More junk email from other suffering people of Saudi Arabia (84.9%), and the division by sectors of economic activity – educators (77.9%) and entertainment (77.6%). Among the countries that spammers are leading India (17.4% of spam traffic) and Saudi Arabia (11.7%). The top five for this indicator also includes the United States (6.1%), Turkey (5.1%) and Canada (4.9%).

The most common theme is illegitimate messages advertising pornographic and dating sites, which share in August increased to 47.93%. Flows have also increased advertising replica designer goods, offers employment and casino spam (12.49, 7.83 and 2.26% respectively). Farmaspama share in total garbage posts decreased by 5 points, but still significant (27.64%).

In the spam links still prevails TLD-domain. Com, although its share in the URL-spam decreased by almost 4 points – to 60.4%. The contribution of the Russian national domain, in contrast, increased by more than half, and was 12.1%. Size of spam messages in general decreased, most of them (62.1%) did not exceed 5 MB. Experts attribute this to an increased flow of malicious messages using the link.

Spam Rate

Phishing messages in e-mail correspondence has increased by 0.088 points and totaled 0.41% (1 letter to 245.4). The most commonly phishers attacked the British (1 letter to 103.8), as well as employees of the public sector (1 in 68.5) and financial institutions (1 in 72.7). The main sources of phishing emails are the U.S. (37.3%), the UK (28.9%) and New Zealand (15.9%).

The total number of phishing sites in September increased by 4.46% – mainly due to compromised resources. Number of the latter increased by 13%, these sites now account for 42% of phishing imitations. Number of traps generated by automated tools, decreased by 3%, although their share is still over half a fish-sites, recorded by experts. Symantec also noted a significant increase in non-English imitations, which was twice as much. These fish-oriented sites, mainly in the native French, Italian, Portuguese and Spanish.

Statistics of the geographical distribution of phishing sites is dated August. As of this month, the main hoster phishing imitations are the U.S. (51.6% of sites). The share of Germany and the UK in July dropped slightly (5.6 and 3.8%, respectively), although they still occupy nepochetnoe ranking 2nd and 3rd place. The top five fish-hosts enclose Brazil (3.7%) and Canada (3.1%), again ahead of France and Russia (3.0 and 2.4%, respectively). The main targets of phishers, according to Symantec, are information services (38.8% of sites traps), an e-commerce (32.1%) and banks (24.6%).

Phishing Analysis

The number of malicious messages in September increased by 0.04 points and totaled 0.47% of mail (1 letter to 211.0). Other such messages often attacked the British (1 letter to 103.0), and government officials and financiers (1 to 58.1 and 1 to 74.7, respectively). More than half of the malicious messages came from the UK, 23.3% – in the U.S..

22.2% of malicious emails contain links, which is 2.6 points higher than in August. In 17.51% of cases of malicious spam is used by hackers to spread options Bredolab. Among local threats are blocked antivirus Symantec, dominated by families Ramnit (13,6% of the total) and Sality (6,9%).

Malware Analysis

Full Symantec Report

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s