Botnets Multiplying as Spammers Prepare for Holiday Sales
Spammers are bombarding users with malware-laden spam in order to build up new botnets, just in time for the holiday season, security researchers said Oct. 19.
The Google Postini Services team analyzed spam and virus data collected during the third quarter by Google's security and archiving services, powered by Postini. The results, posted on the Google Enterprise Blog, found an abnormally high volume of virus activity in August while overall spam dropped July to September after several botnets were shut down.
There was a 241 percent increase in virus volumes in August over July and nearly double the volume from August 2009, wrote Adrian Soghoian and Adam Hollman. In comparison, spam volume was relatively constant during the quarter, with dips in August and September, according to the post. Virus activity was also high-188 million viruses were blocked in a single day, a record-noted the researchers.
August also had the greatest recorded surge in viral activity since 2008, far surpassing October 2009 when Mega-D infected more than 250,000 computers worldwide before being shut down, Soghoian and Hollman wrote.
The recent increase in viral activity could be a sign that spammers are building new botnets by taking over more computers, just in time for the holiday sales and increased online shopping, speculated the researchers. Consumers will be looking for deals and discounts and shopping more online, and may be particularly vulnerable to shopping-related scams.
Security researchers have often seen a correlation between spam, malware campaigns and seasonal consumer spending patterns, according to the post.
The researchers said the scammers continue to use familiar tactics, including spoofing major brands, celebrity gossip and fake financial transactions in their virus-laden messages. There was a new tactic, where previously sent e-mails were taken from the hard drives of infected computers and resent, fooling many recipients because the wording and content is familiar.
"As always, be on the lookout for suspicious email language and exercise extreme caution when clicking on links," cautioned the post.