Spammers are taking advantage of the popularity of social networking sites, by sending malicious e-mails feigning social intentions, according to a new report by Symantec.
One popular attack observed last month was an e-mail written in French, crafted to look like a message from a friend, inviting the recipient to visit “my personal page” on Bahu, a social networking site for students worldwide.
“Spammers are taking advantage of these popular sites with trusted reputations,” said Dermot Harnett, principal analyst at Symantec. “While we noticed this trend last month, this month was particularly interesting because it included the use of smaller, lesser-known social networks.”
In its monthly report, The State of Spam: A Monthly Report — April 2008, Symantec found that spam averaged 81% of all e-mail for the month of March 2008, nearly one quarter of which originated from the US.
The Symantec report also found that spammers are taking advantage of mail transfer agent (MTA) programs and using a practice called backscatter to forge sending e-mail addresses and bounce massive volumes of e-mails. It also found that pharmaceutical spam, always a popular subject among malicious senders, has reverted back to the tactic of using attachments. Zip files in fraudulent pharma e-mails were .5% of all spam in March.
Also, Commtouch’s monthly report on spam, Q1 2008 Email Threats Trend Report, said that spam levels peaked on Valentine’s Day, St. Patrick’s Day and April Fools’ Day. Commtouch also reported a large increase in spammers using links to Flickr, MySpace, Google applications and Hotmail to get their malware past spam filters.