Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Response

Symantec Monthly Spam Report - April 2007

Created: 10 Apr 2007 07:00:00 GMT • Updated: 23 Jan 2014 18:50:26 GMT
Kelly Conley's picture
0 0 Votes
Login to vote

The Symantec “State of Spam” report for April 2007 is now online. This month’s report includes a spotlight on spam trends in the Europe, Middle East, and Africa (EMEA) region. One of the highlights is a discussion on the categories of spam detected in EMEA. I found this particularly interesting because there were some marked differences between worldwide spam and EMEA-specific spam. The most notable instances were the financial and scam categories.

Whereas spam related to financial goods and services accounted for 20 percent of worldwide spam, it accounted for 31 percent of spam detected in EMEA. Spam messages detected in the EMEA region that were categorized as scams were double the number reported worldwide. While only six percent of all messages globally were scams, 12 percent of spam in EMEA included scam messages. The common theme apparently is how the spammer can relieve you of your money, be it through bogus financial gains of penny stocks or finagling it through scams such as the Euro lotto.

Globally, the top spam category was health, but in EMEA this was not the case. While the rest of the world was being subjected to spam advertising weight loss drugs and herbal remedies, EMEA was being spammed with messages on how to increase wealth and what financial investments to make.

Another trend that is emerging in EMEA is the spamming technique of inserting Russian and German text in the bodies of messages. Spammers do this to obfuscate the text enough to escape filtering by anti-spam products. This is a twist on an old obfuscation technique that we refer to as a “Shakespeare attack,” in which spammers will insert random excerpts from a book somewhere in the body of the spam message. Often times this text is generated by a randomizer to ensure that the same excerpt is not delivered in every message. In EMEA, this Shakespeare text is being generated in Russian and German languages instead of English.

The “State of Spam” report also reveals that multi-language spam is now being used in EMEA. Where English was once the language of spam, several additional European languages are now successfully being utilized to send spam messages. These languages are now fully integrated into spam and spammers are taking full advantage. I would insert a lame joke about resistance being futile, but it’s not. Being well staffed with multi-language capabilities, we’re prepared for languages other than English.

For more on these issues and other spam trends that Symantec has observed over the past month, please read the latest “State of Spam” report.