Symantec, which focuses on Internet security and storage, issued a report this week that said a stunning 90.4 percent of e-mail on corporate networks this month was unsolicited. That's a 5.1 percent jump over April.
The report highlights:
• Viruses – One in 317.8 emails in May contained malware (a decrease of 0.01% since April)
• Phishing – One in 404.7 emails comprised a phishing attack (an increase of 0.11% since April)
• Malicious websites – 1,149 new sites blocked per day (a decrease of 67.7% since April)
• Spammers continue to abuse reputable domains and web-based malware more likely to be found on older domains
• Geographic location determines at what time of day you receive spam
• “Russian” spam squarely rooted in Cutwail botnet
The primary kind of spam are those with a subject line and little more than a hyperlink in the body of the e-mail, Symantec said. The originating e-mail addresses also are being created on valid free webmail sites (think Yahoo, GMail, Excite, MSN, etc.) by bots that are managing to evade the CAPTCHA so are harder to avoid by using spam filters, Symantec said. The user profiles on the sites are set up with the primary image being whatever product (Viagra, anyone?) the spammer is trying to sell.
Though the spamming varies by time of day, the majority of it is during the workday - primarily during the U.S. workday. No surprise then that nearly 35 percent of the junk mail is originating from North and South America. A little less is originating in Europe and less than 28 percent is birthed in Asia, according to Symantec.
Source: Symantec Corp.
Interestingly, most of the malware that's spread this way is hosted on more established sites - those that have been around for a year or more (think of Internet time as dog years - a year is old!). Nearly 85 percent of the malware was on such sites. They're generally considered to be more reputable, so it's more insidious that way; if you've visited a site several times, why wouldn't you click through?
And you may have noticed you've received a lot more spam in Russian or with gibberish subject lines - the Russian used in them is basically a coded message. That message often has something to do with manliness being ... renewable or something like that. These types of emails already account for 2 percent of spam.
Adam O'Donnell, a researcher with antispam vendor Cloudmark, told ComputerWorld that spammers are using human networks to send hundreds of thousands of messages a day.Symantec's entire report is in a downloadable PDF here.