Phishing grows as NDR spam tapers off
Phishing spam is on the rise, according to Symantec. According to Symantec's report State of Spam May 2008, which examines spam trends from April, 80% of all e-mail from the month was spam.
Of these spam messages, 19% were either fraud (phishing) or scam e-mails, which encourage recipients to give away personal information. One example is a message that asks recipients, “Do you want to be a movie extra?” If a recipient clicks on of the URLs in the message it will redirect the Web browser to a spammer's site, which solicits for personal information. Another attack reached out to business executives.
“It's not just about promotions anymore, it's about pushing people to give up personal information so that they can try to rip people off,” said Doug Bowers, executive editor of antispam engineering at Symantec.
While phishing attacks are on the rise, NDR (Non-delivery report) bounce messages leveled off after April 22. NDR messages take advantage of systems that will return full message copies with delivery failure reports, out of office messages and mailbox quota messages. NDR spam averaged 2.7% of spam in March and 3.7% in April. However, as April ended, NDR spam accounted for less than 2% of all spam.
As is typical, spammers also used the name of a legitimate business to push illegitimate e-mail. Symantec noted spam messages claiming to come from Google AdWords in this report.