My Spam analysis & filter updates for the week of Dec 27, 2010 - Jan 2, 2011
This week, fewer spammers than usual are still promoting fake Cialis and Viagra, counterfeit watches, bogus male enlargement herbs and pills, illegal to import prescription drugs, fake e-cards or messages containing only a link to malware exploit sites, fake product recommendations and Nigerian 419 scams.
This past 7 days, spam for various types of garbage amounted to 38% of my incoming email. This is according to MailWasher Pro, which I use to screen incoming email before downloading it to my desktop email program (Windows Live Mail). I often see the same spam message sent to several of my accounts at the same time. I report any spam messages that make it through my auto-delete filters to SpamCop.
Here are some statistics regarding the spam received and categorized, from Dec 27, 2010 - Jan 2, 2011. These classifications are based upon my own custom MailWasher spam filters.
Percentage classified as spam: 38%; down 10% from last week Number of messages classified as spam: 172 Number classified by my custom spam filters: 161 Number and percentage of spam according to my custom blacklist: 3 Number classified as spam according to DNS Blocklists (SpamCop, Spamhaus, etc): 2 Number of spam messages seen, reported to SpamCop & manually deleted: 6The order of spam according to the highest percentages, is as follows:
Counterfeit (Rolex, etc) Watches: 26.32% Male Enhancement scams: 26.32% Fake Viagra and Cialis: 25.73% Pharmaceuticals and fake prescription drugs: 11.70% Known Spam Domains in links (usually Russian: .RU): 2.92% Blacklisted sender names and domains: 1.75% Other miscellaneous filters (small percentages each): 1.74% African Sender (419 scams): 1.17% DNS Blacklisted Servers (RBL): 1.17% Hidden ISO Subjects: 0.58% Re: or Fwd spam: 0.58%
I made 1 additions/updates to my custom filters:
New filter: Dating Spam #2
I made 0 changes to my custom Blacklist:
Watch out for fake e-cards this Winter. They all lead to malware attacks that will hit your browsers with over a dozen exploit attempts, led by Java exploits with a fake Java Update file named host.exe. Many un-savvy users could be fooled by this social engineering trick, which pops up a warning that the publisher of the file, although claiming to be Java Sun, cannot be varified. That is because there is no signed certificate accompanying this hostile file!
Not just Java is vulnerable to exploit attacks. If just one of the other installed pieces of software is a vulnerable version, your PC could be taken over by criminals without your knowledge. If your PC gets owned by cybercriminals, it will probably become a member of a criminal Botnet. This means that your computer will become a spam sending tool and may also be used as an attack tool against websites and Governments.
A word regarding knockoff watches: they are made in China, have no applicable warranty, cannot be returned if defective, are sold by criminal spammers, and are inferior to the real items they are copying. If you buy a counterfeit name brand watch, know that a fool and his money soon will part! Ditto for fake diplomas that are offered from time to time and all of the fake Viagra pills and enlargement scams that appear every day. Fake drugs may harm or kill you and are illegal to import into the USA and Canada and subject to seizure by Customs.
Take my advice and never reply to spam email, just delete it. Don't bother trying to unsubscribe from spam mail lists. Nobody ever gets de-listed; you will only confirm that your email address is valid by using the bogus unsubscribe links. Think about it: if you never signed up to receive the (fake) goods advertised in a spam email, why should you have to unsubscribe? The unsubscribe links are not honored. However, people using them are added to databases of proven live accounts and their names are sold to other spammers.
If you are tricked by an email message into visiting a malware attack site, scan your computer for acquired malware threats using the legitimate online scanner at http://housecall.trendmicro.com, or at kaspersky.com.
If malware is found, their scanners can remove most of it. If not, download a trial version of Trend Micro Internet Security. You can read about it and download it from my webpage about Trend Micro security products.
If you like this article please share it.
The content on this blog may be reprinted provided you do not modify the content and that you give credit to Wizcrafts and provide a link back to the blog home page, or individual blog articles you wish to reprint. Commercial use, or derivative work requires written permission from the author.