News

Spammers Exploiting the Recession

The economic crisis is scaring many people, and spammers are exploiting the fear for all it's worth. Security researchers say that unprecedented economic uncertainty is translating into unprecedented opportunity for purveyors of spam.

"With economic concerns mounting across the globe and intense media coverage of the downtown, it is clear that spammers believe that economic spam is a useful vehicle -- a dark cloud that for them holds a silver lining," said the March 2009 "State of Spam" report from Symantec Corp (available here).

Symantec's monthly "State of Spam" reports provide a breakdown of all spam activity during the previous month. The latest report paints a particularly dismal portrait of spam activity, with spammers tweaking their messaging to better exploit recession-related fear, uncertainty and doubt (FUD).

Spammers don't even have to be particularly creative, said Symantec researchers. In the current climate -- with the world in the midst of the biggest economic panic in 80 years -- FUD-mongering isn't all that difficult, they concluded, citing a sharp uptick in employment-related spam.

"Recipients of these messages are often asked to provide personal information such as first and last name, ZIP code, cell phone number, home phone number, work phone number and age," the report indicated.

Not all FUD-mongering spam is unimaginative, of course. Some spammers are even recasting rejection -- in the form of the classic employment rejection letter -- into opportunity. "[A] spam message has been observed recently which targets one of the downsides to looking for a job -- the rejection letter. In the particular spam message observed, the messages states that 'Unfortunately we have to inform you that your qualifications and experience does not fit the position you applied for,'" said Symantec researchers.

In several cases, this scam uses ostensibly legitimate URL links -- pointing, Symantec said, to well-known headhunting or recruitment firms -- to burnish its air of legitimacy. Recipients are encouraged to double-click on an attachment, which contains a hacktool. "If human curiosity prevails and the recipient opens the attachment, the user's system becomes the subject of an attack from the Hacktool.Spammer malicious virus. Hacktool.Spammer is a program that hackers use to attack mail boxes by flooding them with e-mail. It can be programmed to send many e-mail messages to specific addresses."

Spammers are also using phony e-mail messages purporting to be from the Internal Revenue Service (IRS) -- such attacks typically invite users to submit "Economic Stimulus Payment" forms -- or using e-mails claiming that "Economic Stimulus Grants are now available."

That said, financial spam actually decreased in February, according to Symantec, dropping from 12 percent to 11 percent of all spam activity. On the other hand, all-purpose fraud increased, growing from 4 to 5 percent of all spam activity.

Other spam sectors that saw growth were Internet-related (up 8 percentage points) and leisure-related (up 7 percentage points). The United States continues to lead all other countries in the production and dissemination of spam, accounting for 25 percent of all spam activity in February (that's up 2 percentage points from January); Brazil is second, globally, at 9 percent (down a single percentage point from January); India rounds out the Top 3 at 5 percent (up a single percentage point from January).

About the Author

Stephen Swoyer is a Nashville, TN-based freelance journalist who writes about technology.

Featured

  • Microsoft Appoints Althoff as New CEO for Commercial Business

    Microsoft CEO and chairman Satya Nadella on Wednesday announced the promotion of Judson Althoff to CEO of the company's commercial business, presenting the move as a response to the dramatic industrywide shifts caused by AI.

  • Broadcom Revamps VMware Partner Program Again

    Broadcom recently announced a significant update regarding its VMware Cloud Service Provider (VCSP) program, coinciding with the release of VMware Cloud Foundation (VCF) 9.0, a key component in Broadcom’s private cloud strategy.

  • Closeup of the new Copilot keyboard key

    Microsoft Updates Copilot To Add Context-Sensitive Agents to Teams, SharePoint

    Microsoft has rolled out a new public preview for collaborative "always on" agents in Microsoft 365 Copilot, bringing enhanced, context-aware tools into Teams channels, meetings, SharePoint sites, Planner workstreams and Viva Engage communities.

  • Windows 365 Cloud Apps Now Available for Public Preview

    Microsoft announced this week that Windows 365 Cloud Apps are now available for public preview. This aims to allow IT administrators to stream individual Windows applications from the cloud, removing the need to assign Cloud PCs to every user.