The current spam market has a well-defined structure. Different players offer each other services for collecting users’ addresses, searching for clients and providing mass mailing.
The spam market includes:
- Suppliers of software, address databases and IP addresses;
- Virus writers;
Spamming software includes programs designed to harvest addresses from websites and forums (network spiders), programs to provide fast mailing, programs that check the validity of email addresses, and many other types.
The software required to distribute spam emails and the server that it is run on can be either bought or rented. It is not at all difficult to find advertisements on the Internet offering spammer software for sale or rent, because its authors do not usually hide their names.
This type of operator serves the spammers by harvesting email addresses for them and developing address databases. Address collectors use software that scans the Internet searching for addresses, and when it finds them, it checks their validity and then places them into a database. A variety of methods are used, for example, the theft of addresses from a service provider with the help of an insider, or the selection of addresses by means of different heuristic algorithms and so-called dictionary attacks.
Virus writers are an inseparable part of the spam industry. They create malicious programs that turn users’ computers into machines that distribute spam, so-called ‘zombie’ machines. By 2004, the majority of spam originated from infected computers bound together to form zombie networks.
Spammers can be divided according to their output:
- Belonging to the top-ten major spamming companies;
- One of the hundreds of small companies and individual professionals;
- One of the thousands of amateur spammers (students, unemployed etc).
A stereotypical spammer is usually thought to be a technically literate, active and unprincipled young person.
Professional mailing services
Professional mailing services are groups of qualified people that use advanced software coupled with the latest spammer information for the purposes of mass mailing.
Amateur spammers include two categories – beginners and ‘honest’ spammers.
Beginners try to start their business using technically insufficient means. They buy a provider card and send out spam via a modem or a dedicated line. Mass mailing distributed by this method is not efficient and creates problems for the spammer, such as low mailing speed, outdated databases and the potential blocking of the account by a provider. Thus these types do not account for a big share of the total spam volume.
‘Honest’ spammers are most commonly company marketing staff. They use mass mailing for advertising purposes as it costs almost nothing. The addresses are usually taken from Internet sites and they give their true name and return address, which makes their identification easy.
Clients: who pays spammers?
Spamming is illegal in many countries and this is why it attracts criminals. Spam is extremely popular with those who sell pornography, fake medication and illegal software. Those that organise financial pyramid selling schemes and other fraudulent practices are also particularly interested in spam. Thus mass mailing has become one of the main tools phishers use for their malicious purposes.
In recent years, spam adverting the chance to make a profit from the shares of various listed companies has become more prevalent. This type of spam is therefore most probably initiated by those who gamble on the stock markets in an attempt to influence stock prices in their favour.
The situation in Russia is slightly different. The spammers’ services are often employed by representatives of small businesses trading in such things as electronics, spare parts, cars, legal services, tourism, medicine, etc in order to increase company turnover.
The share of spam in email traffic in 2017 fell by 1.68% to 56.63%. The lowest share (52.67%) was recorded in December 2017. The highest (59.56%) belonged to September. In 2017, the Anti-Phishing system was triggered 246,231,645 times on computers of Kaspersky Lab users as a result of phishing redirection attempts. Read Full Article
It often happens that inventions and technologies that start out good end up turning into dangerous tools in the hands of criminals. Blockchain is no exception to this rule, especially in its most common cryptocurrency incarnation. The attacks targeted employees of small companies, but such emails could be sent to any user’s personal mail. Read Full Article
On Monday, Jan 29th, IRS officially opened its 2018 season. Right after two days of the opening, we got phishing messages with a fake refund status websites. Read Full Article
This time of year is an ideal hunting ground for hackers, phishers and malware spreaders; disguising their attacks as offers too good to refuse, a concerned security message from your bank requiring urgent attention, a special rate discount from your credit card service, and more. Read Full Article
Our growing dependence on technology, connectivity and data means that businesses present a bigger attack surface than ever. Targeted attackers have become more adept at exploiting their victims’ vulnerabilities to penetrate corporate defences while ‘flying under the radar’. Read Full Article
In terms of the average share of spam in global email traffic (58.02%), the third quarter of 2017 was almost identical to the previous reporting period: once again growth was slightly more than one percentage point – 1.05 (and 1.07 p.p. in Q2 2017). As in previous quarters, spammers were quick to react to high-profile events and adapted their fraudulent emails to the news agenda. Read Full Article
In Q2 2017, the average share of spam in global email traffic amounted to 56.97%, which was only 1.07 p.p. more than in the previous quarter. One of the most notable events of this quarter – the WannaCry epidemic – did not go unnoticed by spammers: numerous mass mailings contained offers of assistance in combating the ransomware. Read Full Article
The threat from ransomware continues to grow. Between April 2016 and March 2017, we blocked ransomware on the computers of 2,581,026 Kaspersky Lab customers. In May, we saw the biggest ransomware epidemic in history, called WannaCry. Read Full Article
In late 2016, the Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team reported on phishing attacks that were primarily targeting industrial companies from the metallurgy, electric power, construction, engineering and other sectors. As further research demonstrated, this was just part of a bigger story that began much earlier and is unlikely to end any time soon. Read Full Article
Over the previous weekend, social networks were hit with a wave of posts that falsely claimed that major airlines were giving away tickets for free. Users from all over the world became involved in this: they published posts that mentioned Emirates, Air France, Aeroflot, S7 Airline, Eva Air, Turkish Airlines, Air Asia, Air India, and other companies. Read Full Article