News

Spam-Based Malware Shows Dramatic Rise

The volume of spam traffic often roughly correlates with the state of the economy: The gloomier the economic outlook, the gloomier the state of spam traffic.

Take the most recent "State of Spam" report (PDF) from security specialist Symantec Corp. It found that spam accounts for the overwhelming majority of e-mail traffic: 86 percent, according to Symantec's tally.

That isn't surprising. Spam traffic has hovered in the 83 to 86 percent range for about a year. What is alarming is that spam-based malware traffic -- i.e., malware that "piggybacks" on top of (or is otherwise linked to via) spam messages -- increased dramatically last month, surging by 900 percent between August and September. At one point in September, Symantec reports, malware accounted for almost 5 percent of all spam traffic.

Although spam traffic was down last month relative to the year-ago period, Symantec researchers are far from sanguine. For one thing, spam volumes have been steadily climbing back up to previous levels.

The main reason spam volumes declined in the first place was because hosting provider McColo.com -- which researchers say accounted for two-thirds or more of global spam volumes --- went offline last November.

"While the single-digit increase [in spam-based malware] may seem relatively small at first, the consequences of this rise [are] quite significant when you consider that 86.39 percent of all e-mail messages in September 2009 were spam," write Symantec researchers Dylan Morss and Dermot Harnett.

One upshot of a surge in spam-based malware is an explosion in the size of e-mail messages: "[I]n September, spam messages with a size greater than 10[KB] increased by 5 percent while spam messages that had an average size between 0 and 2[KB] dropped by 7 percent," the pair notes.

What's more, Morss and Harnett say, spam messages of 10KB or more now account for 13 percent of all e-mail traffic. Although the 2 to 5KB range seems to be the sweet spot, accounting for 55.19 percent of all e-mail traffic, Symantec also remarked on the rise in spam messages of between 5 and 10KB. Nearly 30 percent of e-mail messages last month fell into this category.

The effects of this increase are far-reaching. Aside from the issue of malware attachments, the sheer size of messages complicates things for IT, Internet service providers and legitimate e-mail traffic. "Larger messages cause a significant burden on IT resources and can delay the delivery of legitimate messages from reaching their intended users," the authors report.

Elsewhere, Symantec reports, the United States continues to generate most of the world's spam. In September, the United States actually increased its output of spam by 2 percent to 25 percent of the global total.

Brazil was second (at less than half of the U.S. tally), followed by South Korea, India, Poland and Vietnam, all with one-sixth of the U.S. figures.

About the Author

Stephen Swoyer is a Nashville, TN-based freelance journalist who writes about technology.

Featured

  • Microsoft Appoints Althoff as New CEO for Commercial Business

    Microsoft CEO and chairman Satya Nadella on Wednesday announced the promotion of Judson Althoff to CEO of the company's commercial business, presenting the move as a response to the dramatic industrywide shifts caused by AI.

  • Broadcom Revamps VMware Partner Program Again

    Broadcom recently announced a significant update regarding its VMware Cloud Service Provider (VCSP) program, coinciding with the release of VMware Cloud Foundation (VCF) 9.0, a key component in Broadcom’s private cloud strategy.

  • Closeup of the new Copilot keyboard key

    Microsoft Updates Copilot To Add Context-Sensitive Agents to Teams, SharePoint

    Microsoft has rolled out a new public preview for collaborative "always on" agents in Microsoft 365 Copilot, bringing enhanced, context-aware tools into Teams channels, meetings, SharePoint sites, Planner workstreams and Viva Engage communities.

  • Windows 365 Cloud Apps Now Available for Public Preview

    Microsoft announced this week that Windows 365 Cloud Apps are now available for public preview. This aims to allow IT administrators to stream individual Windows applications from the cloud, removing the need to assign Cloud PCs to every user.