The latest spam report from Symantec shows that, generally, spam volumes in June continued to fluctuate but averaged approximately 90 percent of all email messages.
Symantec reports that the recent death of Michael Jackson, and the subsequent public interest combined with the Fourth of July holiday (in the US) showed that spammers were willing to use any notable event as a cover to distribute their messages.
“Various image spam obfuscation techniques that have recently been observed demonstrated that spammers continue to invest in this particular spam threat,” reports Symantec.
According to Symantec, another trend observed in June was that of a mass-mailing worm in fake Twitter account invites.
Symantec says that Twitter was used as bait to lure innocent victims into a phishing trap.
CONTINUED page 2
“Currently we are observing a wave of fake Twitter invitations that come carrying a mass-mailing worm. The observed messages appear as if they have been sent from a Twitter account; however, unlike a legitimate Twitter message, there is no invitation URL present in the body. Instead, the user will see an attachment that appears as a .zip file that purportedly contains an invitation card.”
In another example, Symantec says a spammer, pretending to be a Michael Jackson concert ticket officer based in London, sends out a message that requests the recipient’s information in order to receive reimbursement for the ticket. And, in a third example, spammers hide behind a spoofed message, which appears as a rip-off of a familiar social network notification, in an attempt to entice recipients to open a malicious URL.
However, Symantec says that, at its peak, spam related to President Obama during his first 100 days in office accounted for approximately two percent of all spam messages, but, at this time, less than one percent of all spam messages make reference to Michael Jackson’s life and death.
Symantec warns, however, that as the interest surrounding Michael Jackson’s life and death continues, Internet users should expect to continue to see threats that try to play upon the emotions and curiosity of the public around this event, and it advises email recipients to be extra cautious about messages that “appear to be related to Jackson’s death, especially any email that comes from an unknown or unexpected source.”
The trend of spammers using attachment images to get the attention of certain email users continues to re-emerge as a top spam threat.
There’s also a caution from Symantec alerting email users to a spam trend involving the manipulation of images by using geometric shapes and figures in the image background.
Symantec notes that, in the past, it has encountered background colour blocks, wavy text and multi-coloured blurred backgrounds, and that spammers are now using a combination of these tricks in the most recent wave of attachment spam attacks.
According to Symantec, the spammers have also recently mutated the image to include cartoon image comparisons of the male anatomy along with the advertised website, using a .GIF formatted image attachment with different coloured background and random lines.