12 Apr 2013
Though diminished in volume, spam has become more dangerous than ever, according to independent IT security firm AV-TEST. For their study, Spam – More Dangerous than Ever Before, the German researchers collected and analyzed 550,000 spam messages over a year and a half.
Apart from the huge variety of products or services advertised by these unsolicited e-mails, the researchers found that 2.5 percent of the sample pool delivered dangerous content in the form of malicious links or as e-mail attachments.
Of the 550,000 spam messages investigated by the AV-TEST team, 30,000 were sent with an attachment, of which more than 10,000 were malicious.
These attachments range from HTML pages offering eye-candy advertisements for counterfeited products to PDF “receipts” altered with 0-day vulnerabilities to malware-laden attachments that subvert systems to ZIP archives and executable files in EXE and PIF formats.
The spam e-mails also delivered malicious links - not as popular but more difficult to detect. The report shows that barely 1 percent of the unsolicited messages carry dangerous URLs.
Apparently 25 percent of these spam samples originate from an enterprise environment. According to the findings, the number of spam messages is relatively uniform on work days but falls by a quarter on Saturday and Sunday.
These discoveries are in-sync with the findings of Bitdefender last year when our labs conducted a similar study with comparable results. For details, check out What’s in Your Daily Slice of Spam? from our security blog HotForSecurity.