My Spam analysis for July 6 - 12, 2009
This is the latest entry in my weekly series about classifications of spam, according to my custom filter rules used by MailWasher Pro. The categories are shown on the "Statistics" page > "Junk Mail," as a pie chart, based on my custom filters and blacklist. The amount of email flagged as spam is shown on the "Summary" page of Statistics.
The volume of spam coming to my various honeypots and user accounts has decreased slightly this week, after several weeks of increases. This suggests to me that some of the Botnets have once again lost their Control and Command servers, following the recent forced shutdown of colocation host Pricewert. Pricewert hosting customers included several Botnet Command and Control servers. Spammers found other hosts, but appear to be having trouble maintaining them.
The classifications of spam in my analysis can help you adjust your email filters according to what is most common, on a weekly basis. Most of the spam this week was for the fake Canadian Pharmacy, which sells illicit and counterfeit pharmaceuticals like Viagra, weight loss ripoffs and pirated software. There was even some casino spam last week.
See my extended comments for this week's breakdown of spam by category, for July 6 - 12, 2009 and the latest additions to my custom MailWasher Pro filters
MailWasher Pro spam category breakdown for July 6 - 12, 2009. Spam amounted to 12% of my incoming email this week. This represents a 7% decrease from last week.
Known Spam Domains (a great filter!): | 42.31% |
---|---|
Canadian Pharmacy spam: | 15.38% |
Viagra spam: | 7.69% |
Weight Loss Scams (e.g. Acai Berry) | 7.69% |
Casino spam: | 3.85% |
Male Enhancement Patches, etc: | 3.85% |
Yahoo Groups Spam Link: | 3.85% |
Counterfeit Software: | 3.85% |
Blacklisted Domains/Senders (e.g: kef+diz@+): | 3.85% |
Pharmaceutical Spam: | 3.85% |
HGH Scams: | 3.85% |
The latest weekly additions to my custom MailWasher Pro filters was the deletion of the Geocities filter, which has been replaced with the Yahoo Groups spam link filter. Yahoo has done away with Geocities, which were free websites, mostly used by spammers, hobbists and newbies to websites. A lot of this week's spam contained links to Yahoo groups and fit a predictable pattern, so I created a filter to match and delete it.
MailWasher Pro intercepts POP3 and IMAP email before you download it to your desktop email client (e.g: Microsoft Outlook, Outlook Express, Windows Live Mail) and scans it for threats or spam content, then either manually or automatically deletes any messages matching your pre-determined criteria and custom filters. It is my primary line of defense against incoming spam, scams, phishing and exploit attacks. If you are not already using this fine anti-spam tool I invite to to read about it on my MailWasher Pro web page. You can download the latest version and try it for free for a month. Registration is only required once, for the life of the program.
To protect your computer from web pages rigged with exploit codes, malware in email attachments, dangerous links to hostile web pages, JavaScript redirects, Phishing scams, or router DNS attack codes, I recommend Trend Micro Internet Security. It has strong realtime monitoring modules that stop rootkits and spam Trojans from installing themselves into your operating system. Also known as PC-cillin, it is very frequently updated as new and altered malware definitions become available and it checks for web based threats and new malware definitions by searching secure online servers owned by Trend Micro. This is referred to as "in-the-cloud" security.
All of the spam and scams targeting my accounts were either automatically deleted by my custom MailWasher Pro spam filters, or if they made it through, was reported to SpamCop, of which I am a reporting member, and manually deleted. MailWasher Pro is able to forward messages marked as spam to SpamCop, which then sends a confirmation email to you, containing a link. You must click on the enclosed reporting link and open it in your browser, then manually submit your report. This is how SpamCop wants it done.
If you like this article please share it.
The content on this blog may be reprinted provided you do not modify the content and that you give credit to Wizcrafts and provide a link back to the blog home page, or individual blog articles you wish to reprint. Commercial use, or derivative work requires written permission from the author.