The current spam market has a well-defined structure. Different players offer each other services for collecting users’ addresses, searching for clients and providing mass mailing.
The spam market includes:
- Suppliers of software, address databases and IP addresses;
- Virus writers;
Spamming software includes programs designed to harvest addresses from websites and forums (network spiders), programs to provide fast mailing, programs that check the validity of email addresses, and many other types.
The software required to distribute spam emails and the server that it is run on can be either bought or rented. It is not at all difficult to find advertisements on the Internet offering spammer software for sale or rent, because its authors do not usually hide their names.
This type of operator serves the spammers by harvesting email addresses for them and developing address databases. Address collectors use software that scans the Internet searching for addresses, and when it finds them, it checks their validity and then places them into a database. A variety of methods are used, for example, the theft of addresses from a service provider with the help of an insider, or the selection of addresses by means of different heuristic algorithms and so-called dictionary attacks.
Virus writers are an inseparable part of the spam industry. They create malicious programs that turn users’ computers into machines that distribute spam, so-called ‘zombie’ machines. By 2004, the majority of spam originated from infected computers bound together to form zombie networks.
Spammers can be divided according to their output:
- Belonging to the top-ten major spamming companies;
- One of the hundreds of small companies and individual professionals;
- One of the thousands of amateur spammers (students, unemployed etc).
A stereotypical spammer is usually thought to be a technically literate, active and unprincipled young person.
Professional mailing services
Professional mailing services are groups of qualified people that use advanced software coupled with the latest spammer information for the purposes of mass mailing.
Amateur spammers include two categories – beginners and ‘honest’ spammers.
Beginners try to start their business using technically insufficient means. They buy a provider card and send out spam via a modem or a dedicated line. Mass mailing distributed by this method is not efficient and creates problems for the spammer, such as low mailing speed, outdated databases and the potential blocking of the account by a provider. Thus these types do not account for a big share of the total spam volume.
‘Honest’ spammers are most commonly company marketing staff. They use mass mailing for advertising purposes as it costs almost nothing. The addresses are usually taken from Internet sites and they give their true name and return address, which makes their identification easy.
Clients: who pays spammers?
Spamming is illegal in many countries and this is why it attracts criminals. Spam is extremely popular with those who sell pornography, fake medication and illegal software. Those that organise financial pyramid selling schemes and other fraudulent practices are also particularly interested in spam. Thus mass mailing has become one of the main tools phishers use for their malicious purposes.
In recent years, spam adverting the chance to make a profit from the shares of various listed companies has become more prevalent. This type of spam is therefore most probably initiated by those who gamble on the stock markets in an attempt to influence stock prices in their favour.
The situation in Russia is slightly different. The spammers’ services are often employed by representatives of small businesses trading in such things as electronics, spare parts, cars, legal services, tourism, medicine, etc in order to increase company turnover.
The quarter’s main topic, one that we will likely return to many times this year, is personal data. It remains one of the most sought-after wares in the world of information technology for app and service developers, owners of various agencies, and, of course, cybercriminals. Unfortunately, many users still fail to grasp the need to protect their personal information and don’t pay attention to who and how their data is transferred in social media. Read Full Article
In late 2017, information appeared on specialized resources about a Telegram ICO to finance the launch of its own blockchain platform. The lack of information provided fertile ground for scammers: the rumors prompted mailshots seemingly from official representatives of the platform, inviting people to take part in the ICO and purchase tokens. Read Full Article
Every year, vast numbers of people around the globe relish the delightful prospect of filling out tax returns, applying for tax refunds, etc. Given that tax authorities and their taxpayers are moving online, it’s no surprise to find cybercriminals hard on their heels. Read Full Article
The share of spam in email traffic in 2017 fell by 1.68% to 56.63%. The lowest share (52.67%) was recorded in December 2017. The highest (59.56%) belonged to September. In 2017, the Anti-Phishing system was triggered 246,231,645 times on computers of Kaspersky Lab users as a result of phishing redirection attempts. Read Full Article
It often happens that inventions and technologies that start out good end up turning into dangerous tools in the hands of criminals. Blockchain is no exception to this rule, especially in its most common cryptocurrency incarnation. The attacks targeted employees of small companies, but such emails could be sent to any user’s personal mail. Read Full Article
On Monday, Jan 29th, IRS officially opened its 2018 season. Right after two days of the opening, we got phishing messages with a fake refund status websites. Read Full Article
This time of year is an ideal hunting ground for hackers, phishers and malware spreaders; disguising their attacks as offers too good to refuse, a concerned security message from your bank requiring urgent attention, a special rate discount from your credit card service, and more. Read Full Article
Our growing dependence on technology, connectivity and data means that businesses present a bigger attack surface than ever. Targeted attackers have become more adept at exploiting their victims’ vulnerabilities to penetrate corporate defences while ‘flying under the radar’. Read Full Article
In terms of the average share of spam in global email traffic (58.02%), the third quarter of 2017 was almost identical to the previous reporting period: once again growth was slightly more than one percentage point – 1.05 (and 1.07 p.p. in Q2 2017). As in previous quarters, spammers were quick to react to high-profile events and adapted their fraudulent emails to the news agenda. Read Full Article
In Q2 2017, the average share of spam in global email traffic amounted to 56.97%, which was only 1.07 p.p. more than in the previous quarter. One of the most notable events of this quarter – the WannaCry epidemic – did not go unnoticed by spammers: numerous mass mailings contained offers of assistance in combating the ransomware. Read Full Article