Five Advantages of Cloud-Based SIEM for Security Intelligence and Operations REGISTER >
The firm, a unit of security player Symantec, said in its May report that spam grew more than 5 percent from the 85.3 percent it recorded in April.
"Much of this increase is attributed to spam with very little content other than a subject line and a valid hyperlink," the report said.
The findings, which are based on spam detected by MessageLabs' corporate e-mail security service, comes after months of warnings from security experts.
The report hypothesizes that spammers have broken the CAPTCHA (define) defenses of social networking sites and free e-mail providers to create social profiles that host spam messages, such as pharmaceutical offers. Since the spam originates from a valid e-mail address, the spam easily penetrates filters that block suspicious domains. Spammers need send only a link to a legitimate-seeming profile on a real social networking site.
While the social networking site is legitimate, a profile's actual content can be hosted anywhere. In a case highlighted in the report, a blog site hosts image spam delivered from a .cn domain.
Another tactic spammers are using to avoid filtering is writing Roman letter messages using the Russian character set, MessageLabs found.
"The unnecessary use of another character set to encode the English language subject is purely to hide the true content of the subject of the message, and a technique sometimes used by spammers to avoid content filters," the report said.
The report added that spam messages using the Russian character set are sent by the Cutwail botnet and now account for 2 percent of all spam.
It also concluded that phishing attacks were by far the most prevalent malware invasions, comprising 89.7 percent of the total and representing one in 279.7 messages, or 0.36 percent of all e-mail.
Spam's U.S. timetable
The report also drew some conclusions about the spammers responsible for sending the bulk of these unwanted or dangerous messages.
Peak spam activity for all countries except Japan is on Mondays and Fridays, with volumes dropping significantly on Sundays, the report said.
Many spammers also appear to be operating on a U.S. timetable, with volumes peaking at 9 AM ET in the U.S. and at 4 PM GMT in the UK.
The findings would seem to jibe with evidence that the most active spammers are in the U.S. according to the Register of Known Spam Operations (ROKSO) maintained by the Spamhaus Project, an anti-spam nonprofit group.
But MessageLabs said its data doesn't necessarily support the notion that most spammers live and work in the U.S. -- the report says that the source of spam appears to be evenly distributed throughout the world's continents, with 13.4 percent from North America, 21.4 percent from South America, 31.6 percent from Europe and 27.8 percent from Asia.
It also found that 57.6 percent of all spam comes from botnets, of which Rustock (16.1 percent of spam) and Bagle (6.3 percent of spam) are the most active in North America. Cutwail, responsible for 8.6 percent of spam, operates in Europe, the Middle East, Africa, South America, and the Asia Pacific region. The top botnet is Donbot, responsible for around 18.2 percent of all spam. It operates in Asia.
Article courtesy of InternetNews.com.