Spam and the Housing Bust

Spammers are using the mortgage crisis and downturn in the real estate market to sneak spam past worried users.

If nothing else, spammers are good at following the news.

Symantecs October State of Spam report found spammers were using homeowners concerns about the real estate market as part of recent spam campaigns. The idea, researchers said, was to steal victims personal information by tricking them into believing they were being evaluated for an equity loan, refinancing or a house.

Such efforts were part of the reason spam rose to account for 70 percent of all e-mail traffic in September, according to experts at Symantec, based in Cupertino, Calif. Though that amount represents an increase of about only 1 percent from August, the spam landscape continues to undergo noticeable change.

For example, image spam, once a regular visitor to e-mail inboxes around the world, has continued to fall out of favor with spammers, dropping from 10 percent of all spam in August to 7 percent in September, according to the report.


What would it take to stop spam? Click here to read more.

"This is really driven by economics, and spammers are in this to make money," said Doug Bowers, senior director of messaging security for Symantec. "The life span of spam attacks generally correlates to how much effort is required by spammers to circumvent anti-spam filters. At the end of the day, the aim of spammers is to peddle their wares and they will explore any and all avenues, including text-based spam, to realize this goal."

At its peak in January 2007, image spam accounted for nearly 52 percent of all spam, according to estimates from Symantec. It soon began dropping, to 37 percent in March, 27 percent in April and 16 percent in May. However, in its place, new attacks began emerging—text and HTML-based attacks are picking up the slack, the report said.

"In June and July, Symantec saw PDF spam make a splash. Spammers also began testing other types of attachment spam, such as excel and .zip files," he said. "At its peak, Symantec estimated that PDF spam accounted for nearly 20 percent of all spam. But by the end of August, a dramatic decline of PDF spam was recorded, [so that PDF spam was] accounting for less than 1 percent of all spam."

The United States remains the primary region of origin for the worlds spam. According to Symantecs recently released ISTR (Internet Security Threat Report), the United States has the highest number of bot command-and-control servers, accounting for 43 percent of the worldwide total.

This is largely the result of the United States Internet and technology infrastructure, Bowers said, noting that as of June 2006, more than 58 million broadband Internet users were located in the United States—the highest number in the world.

"As we enter the last months of 2007, it is interesting to reflect on the spam attacks that have passed, but its a good reminder that we must remain vigilant against spam attacks that are currently in the cooking pot as well," he said.

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.