E-Mail Spam Morphs in First Half of 2008

July 2008

Changes in content and distribution medium found in BitDefender survey

E-mail spam went through and important change in terms of content and distribution medium during the first half of 2008, according to BitDefender Laboratories.

BitDefender released the results of its spam and phishing survey from January through June 2008, last years highly advertised stock spam dropped from 25% to just 2%, while the formerly intrusive image spam continued its descending trend.

In terms of media and techniques, the most notable trend the analysts uncovered concerns the revival of the text-based spam which reached 70%this year, compared to 20% for the same period of 2007. Image spam continued its decline and dropped to 3%, compared to 60% last year.

Plain text continues to be the most prolific medium for e-mail spam distribution, especially due to its simplicity, reduced size and extreme versatility, said Andra Miloiu, BitDefender Spam Analyst.

Text-based spam still appeals to automated scripts for word scrambling, rephrasing or (synonymic) substitution, while image spam usually deploys obfuscated content. Other types of spam, such as e-mails bearing PDF attachments, audio and video files, etc., decreased in popularity, accounting for 10-15% of e-threats.

In the first half of 2008, e-mail spams content lost its emphasis on stock options, while spam media changes dominated in the last half of 2007 by various formats of image and audio stock spam reverted back to non-obfuscated and identical text-based message templates.

The Top 10 list for the first half of 2008s most advocated content through e-mail spam includes:

02Replica Watches
03Phishing (tool for)
04Pirated Software
07Hire & Employment
08Trojan Viruses Spread (tool for

Phishing trends for the first half of 2008 indicate a variation and growth of the spoofed banks and targeted clients. Primarily, forged elements belong to the US financial organizations, while the possible victims are now native English speakers who reside in the US, UK or Canada, although last weeks BitDefenders researchers received several notifications about ongoing attacks from Spain, Italy and France. Most arguments invoked in the illegitimate e-mails are still negative, such as account blocking or expiration and account details update for security reasons.

The Top 10 list of counterfeit business identities in the first half of 2008 includes:

03Bank of America
05Fifth Third Bank
07Poste Italiane
09Regions Bank

Spammers and phishers continue to improve their skills in replicating and forging legitimate message characteristics. However, the simple text e-mails proved their efficiency as well, rounding up the total figure of ID theft victims to 50,000 each month, said Vlad Vlceanu, Head of BitDefender Antispam Research Lab.

For more information on this survey, please visit BitDefender Security Center.

Share This ON: