Huge uptick in spam-borne malware since mid-September

Share this article:
The amount of spam containing malicious attachments spiked in September and has remained at an elevated level since, according to Symantec's "State of Spam" report released Wednesday.

“We are definitely seeing an increase in spam with attached viruses,” Dylan Morss, senior manager of anti-spam engineering for Symantec, told on Wednesday.

Generally, the amount of spam containing malicious attachments hovers around 0.5 percent of all spam, with occasional brief spikes every two to three months, Morss said. Since mid-September, however, malicious attachments have been present in approximately 1.3 percent of all spam on average.

The amount of spam containing malware increased ninefold during September over the previous month, Symantec said in its report

And at one point in September, malware was present in 4.5 percent of all spam, the Symantec report said.

“The consequences of this rise are quite significant when you consider that 86.39 percent of all email messages in September 2009 were spam,” Symantec's report states.

In a reflection of the report, the FBI this week issued three different warnings about fraudulent email campaigns currently making the rounds, all of which contain malicious attachments. Some of the emails seem to be coming from the FBI and contain attachments for what those behind the messages claim are reports related to weapons of mass destruction or Al-Qaeda financing.

Other fraudulent emails making the rounds are spoofed to look like they were sent by U.S. Department of Justice and contain attachments of a supposed audio file with speech from Osama Bin Laden directed at the people of Europe, the FBI said.

The FBI does not send unsolicited emails and if users encounter these messages, they should not click on the attachments as they likely are viruses or other malicious software, the FBI said.

Meanwhile, Joel Esler, a SANS Internet Storm Center handler, said Wednesday that he has, along with several SANS readers, noticed an increase in overall spam recently.

“I can personally confirm that, yes, I have seen more spam in my inbox lately,” Esler wrote in a SANS blog post.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters


More in News

ISSA tackles workforce gap with career lifecycle program

ISSA tackles workforce gap with career lifecycle program ...

On Thursday, the group launched its Cybersecurity Career Lifecycle (CSCL) program.

Amplification DDoS attacks most popular, according to Symantec

Amplification DDoS attacks most popular, according to Symantec

The company noted in a whitepaper released on Tuesday that Domain Name Server amplification attacks have increased 183 percent between January and August.

Court shutters NY co. selling security software with "no value"

A federal court shut down Pairsys at the request of the Federal Trade Commission.