My Spam analysis & filter updates for the week of Apr 4 - 10, 2011
Following last week's slight drop in spam, this week's levels increased by 6% (of my incoming email). Spam for counterfeit watches led the pack by a 19% margin. This was followed by pharmaceuticals of the usual type. Also, there was a noticeable barrage of malware infected spam claiming to come from Express Services and Postal Express. I hope that none of my readers were curious enough to open one of the attachments from these fake courier scams. If you did, your PC is now probably a member of a botnet.
Spammers depend on the cheap use of millions of infected PCs that have been involuntarily made zombies in spam botnets. As authorities shutdown one botnet another rises to claim their share of the spam pie. As the number of infected machines declines, due to the owners being made aware of their problem and disinfecting their computers, the bot herders use whatever means is available to them to regain zombies in their herds. Sending fake delivery notices with bot installers is one of the favorites of malware distributors.
You still need spam protection and it is showing signs of getting worse again. MailWasher Pro is the program I use to detect and delete spam. My spam statistics are obtained from the program, showing how effective it is as a spam fighting tool.
This past 7 days, spam for various types of garbage amounted to 41% of my incoming email. This is according to MailWasher Pro, which I use to screen incoming email before downloading it to my desktop email program (Windows Live Mail). I report any spam messages that make it through my auto-delete filters to SpamCop.
Here are some statistics regarding the spam received and categorized, from April 4 - 10, 2011. These classifications are based upon my own custom MailWasher spam filters. Most of this spam is automatically deleted by MailWasher Pro and my custom filters. The statistics are obtained from the program's logs.
Statistics Overview
Percentage classified as spam: 41%; up 6% from last week
Number of messages classified as spam: 270
Number classified by my custom spam filters: 256
Number and percentage of spam according to my custom blacklist: 0
Number classified as spam according to DNS Blocklists (SpamCop, Spamhaus, etc): 1
Number of spam messages seen, reported to SpamCop & manually deleted: 24
The order of spam categories, according to the highest percentages, is as follows:
Counterfeit Watches: 28.4%
Pharmaceuticals and illegal prescription drugs: 19.07%
Male Enhancement scams: 15.562%
(.BR, .CN, or) .RU domain links: 14.79%
Courier Spam (botnet Trojans in attachments): 6.23%
Fake Viagra and Cialis: 3.89%
Weight Loss Scams: 3.89%
Other Filters (with small percentages): 2.33%
Pills: 2.33%
Counterfeit Goods (bags, jewelry): 1.95%
Russian Bride Scam: 1.17%
DNS Blacklist Servers: 0.39%
This week I made 3 updates and/or additions to my custom filters:
Courier Scam #7 (2x),
Weight Loss Drugs
There were no false positives last week. All filters behaved as intended. Note, that I now publish three types of spam filters for MailWasher Pro. One type is for the latest 2011 series, in xml format, and two are for the previous series 6.x. One of those filters is set for manual deletions and the other for automatic deletions. You can read all about MailWasher Pro and the filters I write for it, on my MailWasher Pro Custom Filters page.
If you like this article please share it.
The content on this blog may be reprinted provided you do not modify the content and that you give credit to Wizcrafts and provide a link back to the blog home page, or individual blog articles you wish to reprint. Commercial use, or derivative work requires written permission from the author.