Malicious YouTube links seen in August spam: Symantec report

Overall spam activity increased by 3 percent in August as malicious e-mail sent from YouTube made an entrance similar to recent e-card spam tactics, according to Symantec's monthly report on the state of spam.

The new study found that overall spam levels in August increased to an average of 69 percent of total e-mail, up 66 percent of total e-mail in July. The report found that spammers continue to use a variety of attacks containing malicious URLs, which accounted for up to 15 percent of all spam in August

The new YouTube spam came from such malicious links. The spammers used the dotted quad URL tactic that sends those who click on the e-mail to a malicious link hosting malware.

"This spam tactic often seen in e-Card spam represents a vicious circle where users are driven to a malicious site, their machine gets infected, and they become part of a botnet, further multiplying the distribution of spam," said Doug Bowers, senior director of anti-abuse engineering at Symantec.

In addition to the new YouTube attack, the report found that in early August, a dramatic increase in PDF spam. At its peak, Symantec estimated that PDF spam accounted for nearly 20 percent of all spam. As August ended, so did PDF spam. By the end of the month it accounted for less than 1 percent of all spam, according to the report.

The report also found that image spam levels remained steady in August as it continued to represent about10 percent of total spam. In addition, spam messages containing URLs with Chinese domains increased by 7 percent from July. These e-mails are being sent to primarily promote pharmaceutical products and casinos.