Spam report: Top 10 subject lines and massive malware push

According to Symantec’s September 2010 “State of Spam and Phishing” report, spam accounts for 92.51% of all email sent during August 2010, up from 91.89% during July 2010.

Spam originating from the Europe, Middle-East and Africa regions has decreased from 48.97% in June to 43.17% in August 2010.

The biggest concern of the September report, according to Symantec, is spam-distributed malware. Malware spam took a one month hiatus but has returned at triple the volume from the previous month’s report.

Malware distributed as .zip attachments to spam emails saw a four-fold increase this month, but there was also a wave of .html attachments containing malicious JavaScript.

These threats can do the following, Symantec said:

  1. Exploit browser and plugin vulnerabilities to run arbitrary code
  2. Display fake antivirus scans and other fraudulent information
  3. Download JavaScript, HTML, and other files
  4. Hijack browsing sessions
  5. Redirect users to malicious websites
  6. Steal personal/confidential information

Symantec highlighted phishing scams masquerading as High School Musical websites as well as automotive sales brands.

Top 10 subject lines

The top ten most seen subject lines for spam were:

  1. Your wife photos attached
  2. -blank subject line-
  3. Your Order with Amazon.com
  4. Meet Local Girls
  5. Resume
  6. Your private photo attached
  7. New message
  8. Join my network on LinkedIn
  9. You have notifications pending
  10. Best Sales 2010!

Many of the messages sent with the above subject lines, such as “Your wife photos attached” and “Resume” contained the more prevalent .zip malware attachment.

As in prior spam reports, Symantec recommended basic precautions such as not publishing your email address on the Internet and avoiding clicking on links in email or chat (IM) messages.

Among other things, Symantec also warned against opening unknown email attachments, replying to spam, opening spam messages, and filling in online forms that ask for personal or financial information or passwords.

For tech-savvy users this advice is common-sense, but for others such education can mean the difference between being scammed out of money, having their online identity stolen, or having their machine infected by a virus.

Those that are more Internet-aware should make an effort to teach their less seasoned family and friends of phishing and other malware threats being propagated through spam.

Spam report August 2010: Top 10 subject lines and massive malware push << Comments and views

Latest news

Partner Content

Show comments

Recommended

Share this article
Spam report: Top 10 subject lines and massive malware push