The Deadly Duo: Spam and Viruses, June 2005

Spam Categorization Breakdown June 2005
Click on graphic to view chart

Spam recipients saw a reduction in pornographic recently, however inboxes now receive twice as much health care-related spam. The “Spam Index,” published by Clearswift, points out email selling health care products is easier to disguise as legitimate. Since June, 2003, when Clearswift began the “Spam Index,” pornographic spam dropped to just five percent of all junk email, four times below the original volume. Health care and financial-related spam doubled in that period, from 39 percent to 80 percent. Clearswift reports seeing more one-off spam campaigns and fewer spam trends. Two standout June campaigns were messages hawking hair thickening cream and Christian dating sites.

A report from Lyris claims to explain why less spam is actually delivered into inboxes; filtering is improving. Since its last deliverability report, ISPs (define) came to Lyris for recommendations. “Some of them were not using such sophisticated methods,” said Shannon Coulter, senior marketing manager at Lyris. “We made some recommendations and saw a lot of improvement.”

The report looked at both European and U.S. ISPs and identified European providers as more effective. This could be a result of more stringent spam laws. “With every single European ISP we monitored, [we found” their deliverability rates were higher,” said Coulter. “When you unsubscribe people in an immediate and clean way, your lists are cleaner and stronger.”

Lyris also conducted a study on phishing (define), learning most people can’t discern between a legitimate email and a phishing attempt. An overwhelming 72 percent of study participants thought a legitimate email was spam because it rendered improperly. Eleven percent identified text emails from legitimate brands as suspicious, and 10 percent correctly classified phishing messages as most suspect. “More people identified text emails as untrustworthy, which is a turnaround from the past,” observed Coulter.

E-mail recipients must learn to identify phishing; the category is on the rise according to Postini. Delivery of phishing emails in June rose 71 percent over May’s volume. Prior to June’s spike, phishing experienced a two-month decline.

Postini also reports a decrease in the number of virus-infected email messages in June. The number of directory harvest attacks (DHA) against corporate networks decreased by 23 percent last month.

Top Ten Viruses, June 2005
Virus Name Quantity Detected
mytob 42,564,787
netsky 9,678,418
mime 5,204,341
bankfraud 4,166,861
bagle 2,984,403
zafi 1,397,793
downloader-abl 1,311,393
mydoom 1,049,130
lovgate 1,025,157
klez 218,789
Source: Postini, 2005

Virus-laden email declined in June. FrontBridge said it rejected or quarantined 36 million messages last month, compared to 319 million in May. The company said there was no coordinated attack such as that of the Sober.S worm.

The virus most prevalent in June was Mytob, according to Kapersky Lab. Win32.Mytob.c accounted for 19 percent of total viral activity, followed by Win32.NetSky.q with 11 percent of the traffic. The Zafi.d jumped from ninth to third place, the second largest increase in June. A new variant of Mytob, the, took fourth place for the month.

Kaperaky noted the Lovegate worm has continued to inch through the Web, saying it’s mostly due to infections in China, where users lack adequate anti-virus protection.

Related reading

Flat business devices communication with cloud services isolated on the light blue background.