2013’s Most Notable Spam Trends

As one of the Internet’s most enduring threats, spam went through very notable changes in 2013.

The Death of the Blackhole Exploit Kit

The Blackhole Exploit Kit, a notorious exploit kit, was used in several spam campaigns. It can quickly adapt to existing trends by incorporating newfound exploits for vulnerabilities and using the latest social engineering schemes to infect computers and release damaging payloads.

2013 saw 198 Blackhat Exploit Kit campaigns, a considerably smaller number compared with last year’s. This can be explained by the arrest of the supposed kit creator, Paunch, in early October of 2013. Two weeks after Paunch was brought to justice, the Blackhole Exploit Kit spam run volume significantly dropped and later completely disappeared in December 2013.

Health Spam

The third quarter of 2013 saw a dramatic increase in health-related spam, which made up nearly 30% of the total volume. The spam, numbering around 2 million each day, contained weight loss tips, pharmaceutical product promotions, and so on. 2013 also saw health-related spam change, mostly in terms of how they convinced recipients to click embedded links. In the past, health-related spam were very direct. They had a product image and a few sentences convincing recipients to click an embedded link. They’ve become a bit more subtle with their messaging now; sporting newsletter templates with featured anecdotes and quotes from supposed health experts. This is most likely an effort to appear more legitimate and bypass anti-spam filters.

Malware Attachments

In 2013, malicious spam usually came with ZBOT/ZeuS malware in tow until halfway through the third quarter when TROJ_UPATRE malware ousted ZBOT/ZeuS. In fact, by November, 45% of all malicious spam came with UPATRE strains, which are known for downloading other malware like ZBOT/ZeuS and CryptoLocker variants onto already-infected computers. Unlike ZBOT/ZeuS, which is notorious for data stealing, CryptoLocker is well-known for locking infected computers, rendering it and the data stored within inaccessible.

Basic Spam Safety – Suggestions for everyone

While spam have certainly changed and will continue to do so, the ways by which you can avoid becoming their victim remain the same. To stay safe we recommend:

  • Immediately delete suspicious mail from unfamiliar senders.
  • Never open attachments or click links that come with suspicious mail.

About SCB Enterprises
System Solutions and Integration

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: