In the BitDefender rankings, penny stocks were the most common spam subject, followed by pharmaceuticals, adult content, replica watches and loan offers. Other leading spam topics for the year included pirated software downloads, fake job offers, dating-site lures and bogus diplomas.
Although it did not crack the Top 10 as a spam topic, BitDefender analysts also observed an increase in politics-related spam, a trend that researchers expect to “grow dramatically” as the 2008 U.S. elections get closer.
Viorel Canja, the chief of BitDefender’s antivirus lab, said that the spam trends also indicated a shift in terms of how threats are delivered and instigated by attackers.
“The past year has seen both the tail end of the mass mailer age and the rise of the botnets as the top threat category,” Canja said. “BitDefender's Top 10 for 2007 also reflects a reemergence of file infectors as a credible threat, primarily because of widespread P2P sharing.”
BitDefender’s analysts also reported that while phishing spam was less prominent this year than in 2006, the phishing techniques employed this year were “much more dangerous” than in previous years, due to the increasingly sophisticated nature of the phishing messages. Phishing emails targeting bank customers, for example, showed improved attention to detail on the part of the spammers, BitDefender reported.
“The templates used to create these emails were generally very well-crafted and extremely similar to the web forms used by the target banks, although spelling mistakes and a web address different from that of the original bank were still apparent in many cases,” BitDefender reported.
BitDefender’s experts predicted that phishing spam will continue to be a significant threat in terms of both its volume and damage done in 2008, as attackers continue to improve on their techniques to circumvent spam filters, and “increasing use of SSL authentication by phishing websites …. to get the all-important ‘lock icon’ look in the victim’s browser.”
For information on current security threats and trends, visit BitDefender’s real-time reporting page.
