Spam attacks focus on victims' economic gloom

Share this article:

The economy remains the main topic spammers focus on to lure users into opening emails with malicious links, according to Symantec's March 2009 "State of Spam" report.

“It's something the spammers are latching onto to get into a victim's inbox,” Dermot Harnett, principal analyst of anti-spam engineering at Symantec, told SCMagazineUS.com on Tuesday.

One of the more egregious spam messages Symantec found looked like a rejection letter. It said: “Unfortunately we have to inform you that your qualifications and experience does not fit the position you applied for.”

A URL in the message pointed back to a legitimate site, but the message said: “We have attached a copy of your application you sent for us.” If a user clicked on the attachment, an attack was launched involving the Hacktool.Spammer virus – a program that hackers use to attack inboxes by flooding them with email.

“If you apply for a lot of jobs, and you see job application rejection scams come in, you might be tempted to take some action, such as clicking on a link,” said Harnett.

The amount of spam has a tremendous effect on email infrastructure overall. Most users do not see that most email is in the form of unsolicited bulk email. Most spam originates in botnets, but there are new and emerging type of attacks, Harnett said.

“The continuing abuse of webmail, for instance – that is, free accounts that are being used to launch spam attacks – have been a problem,” he said. "But the fact that email works at all shows that countermeasures are working. If they weren't, we couldn't really use email.”

The Symantec report said that of all email, 86 percent is spam.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Florida Supreme Court rules warrants a must for real-time cell location tracking

Florida Supreme Court rules warrants a must for ...

The Florida Supreme Court put the kibosh on warrantless real-time tracking using location data obtained from cell phone providers.

Modular malware for OS X includes backdoor, keylogger components

Modular malware for OS X includes backdoor, keylogger ...

The modular malware was named "Ventir," by researchers at Kaspersky.

Fake Dropbox login page nabs credentials, is hosted on Dropbox

Fake Dropbox login page nabs credentials, is hosted ...

Symantec researchers received a phishing email linking recipients to a fake Dropbox login page that is hosted on Dropbox's user content domain and served over SSL.