Spam down slightly, as ACH and Facebook scams play out
After peaking two weeks ago, the volume and percentage of spam in my Inbox has declined again by 2%, to 39%. While most email spam is for counterfeit pharmaceuticals and watches, much of the spam over the past few weeks has contained malicious attachments, or links to exploit attack websites.
The weekend of September 9 through 11 finally saw the (temporary) end of a prolonged spam run for fake ACH failure notices, all containing the Zeus/Zbot Trojan, as well as the almost month long campaign of fake Facebook Friend Requests (with Arabic names in the subject). Those emails were scams and had links to a website that contained both on-page and hidden codes leading to serious malware infections, including the Zbot.
The purpose of the malware attachments and hostile link spam blasts was to infect unsuspecting computer users with key loggers that steal their online banking credentials (and all their money), and to install botnet remote control backdoor software on them.
See my recent posts (listed in the right sidebar) during August and early September, 2011, about the ACH and Facebook scams leading to botnet infections. They, and other articles like them, are also found in my "Spam" category listings.
I use the anti-spam program MailWasher Pro to filter out spam, malware attachments and dangerous links, before downloading any messages to Windows Live Mail, which is my desktop email client.
Spam Statistics for September 5 through 11, 2011
Total email received: 440
Amount classified as spam: 172
Percentage of spam: 39%
Number matched by my custom filters: 155
Number caught by my Blacklist: 14
Number identified by DNS Blacklusts: 3
Reported to SpamCop: 10
Individual categories of spam follow...
Percentages of spam by category of filter.
Male Enhancement: 26.16% (up)
Pharmaceutical Spam: 11.05% (no change)
Zip Attachments (Zbot/Zeus Trojan): 8.72% (no change)
Cialis (counterfeit): 8.72% (down)
.RU, .RO, or .UA links: 8.14% (up)
My Custom Blacklist: 8.14% (up)
Software Spam (pirated "Whirl Wind Software," on Ukrainian domains): 7.56%
Counterfeit Watches: 6.40% (down)
Miscellaneous filters: 5.81% (up)
Weight Loss scams (HCG): 3.49% (down)
Viagra (counterfeit): 2.33%
Diploma Scams: 1.74%
DNS Blacklisted Email Servers: 1.74% (n.c.)
Updates to my Custom MailWasher Filters:
Cialis,
Hidden ISO Subject,
Watches
New Blacklist entries:
No new addresses. But, the .DE (Germany) blacklist entry has proved very effective in auto deleting a lot of pirated software spam. Here's the rule: +@+.de
Note: I write and publish custom spam filters for both the old and new versions of MailWasher Pro.
I use and recommend MailWasher Pro (2011) to screen my incoming POP3 email for spam, scams and virus threats, before downloading anything to my Windows Live Mail email client.
If you like this article please share it.
The content on this blog may be reprinted provided you do not modify the content and that you give credit to Wizcrafts and provide a link back to the blog home page, or individual blog articles you wish to reprint. Commercial use, or derivative work requires written permission from the author.