Spam grows, targeted – survey shows


Cape Town – Spam increased slightly in the last three months, but was more targeted as criminals upped the ante to steal personal information, research by a security firm has shown.

News 24 Online

According to research by Kaspersky Lab, spam was up by 4.2% at 70.7% of data traffic, while phishing traffic remains relatively flat at a 0.0016% decline.

Kaspersky said that e-mails were addressed to corporate users and disguised as delivery failures, notifications or auto replies.

“Malicious users expect corporate employees to skim over the details, assume the e-mail is legitimate and open the attachment – releasing a malicious programme.”

The survey found that spammers had resorted to old tricks to deliver malicious content.

Disguised messages

One of these includes an e-Card with malware targeting Hallmark. In the past this strategy proliferated around major holidays, but there was a significant uptick over the last three months.

In order to fool spam filters, some messages were disguised with white text which users generally would not notice as most use a white background for mail.

The top three spam sending countries make up more than half of all spam send worldwide with China at 23.1%, the US at 16.8% and South Korea at 12.6%.

Kaspersky said that attacks on social networks fell by 3.3%, while trending up on financial institutions at 1.2%.

Criminals have begun targeting corporate users for information that could be used to compromise a company’s intellectual property, a report has found.

According to the Cisco 2013 Annual Security Report, the security risk is increased because fewer than 20% of corporate users abide by IT policies.

“Security risks rise in businesses are also on the rise because many employees adopt ‘my way’ work lifestyles in which their devices, work and online behaviour mix with their personal lives virtually anywhere – in the office, at home and everywhere in between,” Cisco said.

There was also a change in the methodology employed by criminals to phish for personal data.

“More and more often these days, phishers are reluctant to rely solely on the human factor and are less willing to wait for users to enter their own data. Instead, malicious users are now sending out malicious e-mails seeded with Trojans that steal usernames and passwords, including for online banking accounts,” said Kaspersky Lab.