MessageLabs: URL shortening services use for selling drugs
by Steve Ragan - Aug 25 2009, 19:01According to Symantec’s new MessageLabs Intelligence report, shortened-URL spam continues to be a popular technique for spammers seeking to sell drugs online. Another aspect to the report singles out Real Host. When Real Host was closed earlier this month, spam traffic from the Cutwail botnet dropped significantly.
Starting with the drugs, MessageLabs’ report says that spammers are taking advantage of the heightened interest in health-related issues, such as swine flu and Obama’s healthcare reform, to distribute large shortened-URL spam runs using the Donbot botnet. You’ve likely seen one or two of the messages in your own mailbox.
The subjects, which will vary, as well as the shortened links inside them, all pitch knock-off pharmaceuticals. The subjects of the spam are centered on current events such as this one which was seen in late July, “President Obama announced that he’s providing affordable meds to people with no health care - Get meds now.” Another one, which is just funny, read, “Obama Opens Online Pharmacy”
According to the report, spam runs containing many new shortened-URLs continued through July and August, with a peak of activity on 26 July at 9.25-percent of all spam, equivalent to more than 10 billion spam messages per day worldwide.
On the topic of another botnet, Cutwail, and the closure of Real Host, MessageLabs said that the impact of the closure was immediately felt as spam volumes dropped briefly by as much as 38-percent in the subsequent 48-hour period. The Cutwail botnet is the reason for about 15 to 20-percent of all spam, and while the Real Host shutdown caused spam levels to fall by about 90-percent, the botnet recovered in a matter of days.
Other highlights from the August report include an overall drop in spam, which fell by one-percent since July. Malicious attachments in email remains the same, where one in 297 emails contained Malware. Phishing went down slightly when compared to July, as one in 342 emails was related to Phishing in one form or another.
The entire report is online here.
Comment on this Story