My Spam analysis & filter updates for the week of Nov 29 - Dec 5, 2010
Look out, Christmas shoppers! Spammers are ramping up their efforts to get some of your hard-earned dollars. There is a virtual flood of crap mail deluging email inboxes this week, mostly hawking things like fake Viagra, counterfeit watches, illegal-to-import prescription drugs, bogus male enlargement herbs and pills, Russian dating and "chat" scams, and work-at-home money laundering scams (money mule recruiters for bank account stealing Trojans, like Zeus/Licat and similar Bots).
Note: if you fall for a money mule recruiter scam (work at home and make $$$ per day/week) and become involved in transferring stolen funds overseas, you could go to jail for being an active accomplice in a money laundering scheme (of money stolen from bank accounts by hidden keystroke logging Bots). Always use the best anti-malware protection you can afford, like Trend Micro Titanium Internet Security and Malwarebytes' Anti-Malware (MBAM). These two commercial programs can detect, remove and block most badware being released on a daily basis. If you run MBAM as freeware, make sure you update it before scanning, and scan every day!
Over the past 7 days, spam for various types of garbage amounted to 56% of my incoming email. This is according to MailWasher Pro, which I use to screen incoming email before downloading it to my desktop email program (Windows Live Mail). I often see the same spam message sent to several of my accounts at the same time. I report any spam messages that make it through my auto-delete filters to SpamCop.
Here are some statistics regarding the spam received and categorized from November 29 through December 5, 2010. These classifications are based upon my own custom MailWasher spam filters.
Percentage classified as spam: 56%; down 4% from last week
Number of messages classified as spam: 469
Number classified by my custom spam filters: 419
Number and percentage of spam according to my custom blacklist: 23
Number classified as spam according to DNS Blocklists (SpamCop, Spamhaus, etc): 5
Number of spam messages seen, reported to SpamCop & manually deleted: 30
The order of spam according to the highest percentages, is as follows:
Counterfeit (Rolex, etc) Watches: 23.49%
Fake Viagra and Cialis: 22.82%
Illegal to import and fake prescription drugs: 19.02%
Male Enhancement scams: 9.4%
Blacklisted sender names and domains: 5.15%
Other miscellaneous filters (small percentages each): 5.15%
Known Spam Domains in links (usually Russian: .RU): 4.25%
Dating/Chat scams ("Russian Brides"): 2.91%
Work At Home Scams (money laundering stolen funds): 2.24%
Numeric IP link (hijacked PCs): 1.79%
Pump and Dump Stock scams (like DYNV): 1.57%
Russian Sender: 1.12%
DNS Blacklisted Servers: 1.12%
I made 5 additions/updates to my custom filters:
APNIC (China, etc)
Dating Scams
Male Enhancement scams
Watches (fake, counterfeit Rolex, etc)
Work At Home Scams ("money mule" recruiters)
I made these changes to my custom Blacklist:
[email protected] (fails to honor repeated unsubscribe requests!)
Take my advice and never reply to spam email, just delete it. Never buy anything that is spamvertised. If you do, you will give your credit or debit card details to hardened criminals, in far away places. If you purchase illicit controlled drugs from abroad, they are subject to seizure by US Customs. It is against the law to import prescription drugs without a valid prescription issued by a physician who is validly licensed in the USA. Finally, there is no actual Canadian Pharmacy. If you see email purporting to come from Canadian Pharmacy, or any variation of those words, delete it. The non-existent company was conceived by Russian spammers. Any drugs actually shipped come from illicit pharmaceutical knockoff factories in Asia.
The content on this blog may be reprinted provided you do not modify the content and that you give credit to Wizcrafts and provide a link back to the blog home page, or individual blog articles you wish to reprint. Commercial use, or derivative work requires written permission from the author.