Modernizing Authentication — What It Takes to Transform Secure Access
Date: 12/14/2017 @ 1 p.m. ET
The battle against spam continues, with many of the trends that started in 2007 dying out in favor of older techniques that worked, according to a new report from Symantec Messaging and Web Security.
One new trend, though, has been Europe surpassing the U.S. as the primary source of spam.
For the longest time, it had been botnet-infected (define) computers in the U.S. that pumped out the bulk of offers for mortgages and herbal Viagra, which comprised a staggering 78.5 percent of all e-mail floating around on the Internet according to Symantec.
Doug Bowers, Executive Editor in Symantec's Antispam Engineering group and editor of the report, attributes the change to a two-part condition in Europe: the growth in broadband and a lack of installed security software.
"The more prevalent broadband connections become, then the more potential targets you have to become botnets," he told InternetNews.com. "We've seen the adoption of security software lagging as broadband has exploded in Europe."
The nature of spam has also changed, particularly when it comes to the use of attachments. Image-based spam started appearing in 2006 but has tapered off, as it have other attachments, like PDF and MP3s, which never really took off en masse.
Bowers has theories on this trend as well.
"I think they gave up [on image-based spam] as filters got better," he said. "Spammers are smart, they measure their results, they move around to find other holes they can exploit."
Symantec found that only 8 percent of spam letters now use images, down from 52 percent a year ago.
This decline in the use of graphics has resulted in the average spam letter getting smaller. Now the majority of letters (64 percent) are 2KB to 5KB in size, generally the size of a normal e-mail.
In part, images have become passé because many spammers are going back to the tried-and-true method of sending a link and counting on the recipient to click.
A growing trend has been to embed Google links that trigger a search. When the user clicks on it, they are taken directly to a spammer's site.