PandaLabs, a malware analysis and detection laboratory, today (April 22) announced that less than 7% of emails that reached companies in the first quarter of 2009 were legitimate correspondence. Some 91% of messages were spam, while 1.6%, or more than 1.1 million messages, were infected with some type of malware.
This data is based on the analysis by TrustLayer Mail, the clean mail managed service from Panda Security, which examined 69 million email messages sent in the first quarter of 2009.
The amount of spam detected between January and March 2009 has increased slightly with respect to the same period in 2008, when spam accounted for 90% of the email received by companies.
With respect to the different types of spam, it says, the amount of junk mail related to false job offers rose significantly, probably due to the global recession and associated unemployment rates.
“Cyber-crooks have been exploiting the desperate economic situation of the unemployed by offering enticing, too-good-to-be-true jobs. Their real aim, however, is to recruit money-mules; i.e. trick people into laundering money through their bank accounts,” explains Luis Corrons, technical director of PandaLabs.
Highlights of recent findings in Q109:
- About 302,000 computers were newly infected and turned into zombies to redistribute spam.
- The U.S. remains the leading source of spam during the first quarter of 2009, accounting for 11.6% of the total, followed by Brazil (11.5%) and Romania (5.8%).
- Twitter has been heavily targeted by cyber-crooks as a platform for launching phishing attacks. Attackers prey on peoples’ curiosity by sending them a direct message telling them that there is a post about them or an image of them on a blog. When users click on the link, they are redirected to a spoof Twitter page. If users enter their Twitter credentials on this page, their data will fall into the hands of cyber-crooks who then use the accounts to send spam.
PandaLabs uses an automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts (malware or goodware). This system is the basis of collective intelligence, Panda Security’s new security model.