Kaspersky Lab reports Spam in the second quarter of 2010

By Kaspersky Lab

Kaspersky Lab finds massive attacks using fake notifications from social networks


Kaspersky Lab announces the publication of its spam report for the second quarter of 2010. According to the report, spam accounted for an average of 84.4% of the total volume of email traffic.One of the most significant events in the last quarter was an unprecedentedly large mass mailing that used HTML-based threats in the form of emails disguised as legitimate notifications from social networks.


An email was distributed that was made to look like a notification from social networks, email providers and popular websites such as Facebook, Twitter, Digg, Amazon, Windows Live, YouTube, Skype, and Wikipedia. These emails were very reminiscent of phishing attempts. However, if a user clicked on the link, they would be taken to a hacked site, from where a malicious script would then be downloaded.


Most often, these links used Trojan-Downloader.JS.Pegel.S, a Trojan that was the most common malicious program found in all unwanted correspondence during the second quarter. These types of Trojans are HTML pages that contain scenarios written in JavaScript. Trojan downloaders are designed to redirect users to a cybercriminal's webpage containing both advertising content and malicious code that will be downloaded onto the user's computer. Trojans from the 'Redirector' family also behave in the same manner.


A total of three Trojan downloaders were present in the Top 10 during the second quarter. Prior to the June attack, none of these email threats had ranked among the Top 10. This change clearly indicates a planned spam attack.


The USA went firmly into the lead this quarter with 15% of all spam emanating from there, while India remains a steady second place with 8.5%. Vietnam climbed two places to come in third in the chart. However, there was plenty of jockeying for position throughout the quarter. In April, the USA, India, and Vietnam were neck and neck with 12.3%, 11.7%, and 11.6% respectively, while in May, the USA unequivocally stepped into the lead with 20.8% of all spam. The share of spam coming from South Africa was no more than 0.35% of the global total.


Quite unexpectedly, Italy (3.3%) and Spain (2.8%) joined the Top 10 sources of spam. Last quarter, these countries were ranked a lowly 14th and 15th place respectively on the chart. Furthermore, the amount of unwanted correspondence originating in Latin America increased to 16.3% of the total spam content.


As Kaspersky Lab predicted some time ago, phishers are increasingly focusing their efforts on social and entertainment websites. In addition to PayPal, eBay, and HSBC, the other top phishing targets included Facebook with 6.03% and the Google email system with 2.84%.


View the full version of the Q2, 2010 spam report at www.securelist.com