Kaspersky Lab’s monthly report on spammer activity shows the proportion of spam in email traffic was up 2.2 percentage points in April compared to the previous month and averaged 77.2%. There were also some major changes in the geographical distribution of spam sources.
The most noticeable change over the month was a surge in spam originating in the US that saw it jump 18 places, making the US the second biggest distributor of junk mail in April. The amount of spam emanating from China also increased – by 5 percentage points – and the country is now ranked 5th among the world’s top sources of spam. Meanwhile, the proportion of unwanted correspondence originating in Indonesia fell by 5.2 percentage points, with the country falling 10 places and ending April in 12th place.
Spammers who spread malicious code and phishing emails are still looking for the best shortcut to reach computer users. In April, we detected spam that at first glance appeared to be the usual malicious mass mailings designed to look like an official Facebook notification. An email, allegedly from the social network, announced a new Friend Request on Facebook. However, the links in the messages took the users to infected pages on Wikipedia and Amazon. Other phishing emails appeared in spam traffic playing off of the impatience of gamers anxiously awaiting Diablo III’s release. The emails stated that they would be given the opportunity to play a beta version of Diablo III for a specific period of time. In order to do so, they would need to enter their battle.net account information (a resource where Blizzard account information is stored). Of course, the link in the email did not lead to the specified site, but to a phishing webpage.
Political spam got back in on the action in April, primarily targeting US and French readers. Mentions of Barack Obama in spam emails were as frequent as they were during the first year after his election. Furthermore, his name is used not only in political emails “exposing his political course” or pointing to the allegation that the President of the US “is afraid of losing the upcoming election,” but also in emails advertising a variety of traditional spammer products. For example, his name is mentioned in one mass spam mailing offering Viagra.
There is also more and more spam exploiting the European football championships and the Summer Olympics in London. Many spam mailings offer rooms to football fans that haven’t yet made hotel reservations in Poland and Ukraine. The Olympics are currently the focus of attention among “lottery” scammers who send out emails announcing lottery wins.
“In the months to come, we expect a return of the all-too-familiar spam mailings with scandalous news items about current US President Barack Obama,” says Maria Namestnikova, Senior Spam Analyst at Kaspersky Lab. “Furthermore, phishing attacks will likely focus more on social networking sites, and possibly online games — as summer vacation is upon us, students on break from school will be more active online. While these users tend not to have bank accounts, they do spend a lot of time on social networks and other online entertainment.”
The full version of the spam report for April 2012 is available at: http://www.securelist.com/en/