Dec 16 2013

Spam Resurgence: Email's Nemesis Makes It Back on the List of Security Worries

The annoying email threat that no one thinks about anymore may be poised to induce security headaches once again.

Don’t call it a comeback — yet. Spam crept back up onto the list of security worries in the third quarter of 2013. According to the McAfee Labs Threats Report: Third Quarter 2013, global spam volume spiked in August, hitting nearly 4 trillion messages, an increase of 125 percent from the previous quarter.

Worldwide spam volume has not spiked in this manner since August 2010, shortly before the SpamIt spam operation was shut down, ushering in an era of steady declines in spam volumes until now. In the past, as Brian Krebs noted early this year, such spikes in volume were often proceeded by a major disruptive event, such as the disconnection of rogue ISPs or targeted takedowns of spam botnets.

Is this spike heralding the rise of a new botnet army intent on spamming the world into submission? Not likely. According to McAfee Labs researchers, much of this increase can be attributed to snowshoe spammers. This term refers to the technique of distributing spam across numerous IP addresses to avoid rapid ISP eviction.

Legitimate marketing firms may purchase mailing lists and services from illegitimate sources, who will then use any technique at hand, such as snowshoe spamming, to increase distribution and response rates. Snowshoe spam accounted for 85 percent to 95 percent of high-volume subject types in Q3.

Some additional factoids from the McAfee Labs Threats Report: Third Quarter 2013:

  • Belarus is the world capital for 419 scams (those emails that often involve a wealthy African prince looking to richly reward someone).
  • Drug and online bride spam are popular in Russia.
  • Delivery service notifications (DSNs) are the hottest spam trend in Australia.