Malicious SPAM with sometimes highly legitimate looking graphics is making a comeback in first half of 2013

QUOTE: AppRiver released its mid-year Threat and Spamscape report, a detailed summary and analysis of spam and malware trends traced between January and June 2012. During the first half of 2012, there was a significant uptick in virus-laden messages.  At the start of 2012, for example, AppRiver stopped email-borne virus and malware activity at a rate of about five million messages per month.  That figure spiked to 40 million malicious messages in April 2012.

“We have noticed an increase in both the volume and the quality of emails with malicious URLs,” said Fred Touchette, senior security analyst at AppRiver. “Not only are there more of them, they are also using more sophisticated graphics that look very similar to the graphics of their legitimate counterparts. This makes it much easier to trick people into revealing their personal information such as bank account numbers.”

In a new video available at, Touchette and fellow AppRiver Security Analyst Troy Gill discuss highlights from the mid-year Threat and Spamscape report, including:

* Surge in Smartphone Spam: With smartphone use on the rise, spammers are using text messaging to trick smartphones users into clicking on malicious links or responding to them. Similar to the nefarious practice called, “Pay Per Install,”  text spammers try to lure users into installing software and then make money off each installation and/or steal personal information.

* Zeus Continues its Reign: Campaigns purporting to be banking security updates continue to target email users.  Earlier this month, Zeus donned a new avatar to dupe unsuspecting recipients. This new version of the Trojan conveyed a “Credit Notification” from Wells Fargo informing recipients that their accounts had been credited $11,000.00. To convince users of its legitimacy, the authors attached details of the transaction in a file suitably named “transaction&” Once executed, the attachment embedded itself on the victim’s machine and stole bank credentials.

* Blackhole Toolkit Gaining Traction: In addition to Zeus, the Blackhole crime toolkit quickly made its way among the heavy hitters during the first half of 2012. Sold on the underground forums for cheap, the Blackhole toolkit is readily available and can be leveraged to create a foothold by installing the Zeus Trojan on many machines.

* Cyber Warfare No Longer in the Dark: In the wake of Stuxnet and Duqu worm discoveries, another very complex piece of code was recently discovered that targeted the Middle East and North Africa.  The virus, dubbed “Flame,” marked a new era in cyber warfare demonstrating how unique, hard-to-detect cyberweapons can be successfully deployed against nation states.

Full copy of AppRiver’s Threat and Spamscape report, please visit: