Looking at Swine Flu Spam Globally
Wednesday April 29, 2009 at 7:09 pm CST
Posted by David Marcus
Following up on Chris Barton’s excellent blog the other day on swine flu spam, we wanted to take a closer look at the numbers…..
Many people may not realize that the words “swine” and “flu” had really not been seen in spam before this past weekend and almost certainly not together in the same subject line, so we kinda started there. Using our Trusted Source technology and intel I was able to pull the following chart on the sheer growth in the words “swine” and “flu” when used just as a subject for the last several days:
Bear in mind that is NOT daily volume growth but rather the growth in its use as a subject.
From the beginning of the campaigns we have seen it generated from all over the world, not really a surprise when one considers the global nature of botnets and spam anyway but the country breakdown is interesting to look at. Seems that Brazil, the United States and Germany are the biggest producers/sources at the moment:
No safe country from spammers eh? When you consider that on any given day there is between 80 to 170 billion email messages with 78 to 90 percent of that number being spam, sending with the subject of “swine flu” gives these criminals a high chance of success due to the media attention the subject is already getting. Social engineering is one of the most successful and dangerous tools at the spammers disposal and it is very hard to protect against.
We have also seen sites with the words “swine” and “flu” pushing malware as well. In this case its a redirect to a Russian-based site that requires our old friend the fake codec be installed to view the movie:
Malware writers, spammers and scammers are low lives. They will use any high media event or high impact news story to push their wares including the sickness and misery of others. Stay vigilant and stay safe. Should you need credible information on the influenza pandemic then go to The World Health Organization website.
April 30th, 2009 at 02:01
[...] laboratorios Avert Labs del fabricante de productos de seguridad McAfee han comenzado a detectar envíos masivos de correo [...]
April 30th, 2009 at 10:10
[...] originated in Brazil, the United States and Germany. There’s a chart that shows the breakdown on the McAfee Avert Labs blog. McAfee has also seen sites with the words “swine” and “flu” pushing malicious code. In [...]
April 30th, 2009 at 22:32
[...] Looking at Swine Flu Spam Globally – Spammers Trying To Cash In on Swine Flu Frenzy – Swine Flu Spam Címkék: Symantec, [...]
May 1st, 2009 at 03:44
[...] we saw yesterday on David’s post, Brazil is the number one source of spam related to Swine Flu. In this case, the spammers use the [...]
May 6th, 2009 at 04:02
[...] to 170 billion email messages are sent out, and about 90 percent of those are spam, according to McAffee security experts. Unfortunately, even cyber criminals are trying to cash in on the swine flu [...]
May 8th, 2009 at 22:59
I felt really sick the other day, so I called the Swine Flu Hotline.
A lotta good that was! All I got was crackling.
July 8th, 2009 at 11:57
Ah, you can see that there’s very obviously a trend.. the spammers are targeting people in countries that have had prominence of swine flu.. very clever..