14 DAY TRIAL // The use of public URL shortening services makes it more difficult for anti-spam countermeasures to detect and block the malicious messages sent by cyber masterminds in their effort to take over our digital assets.
The latest Symantec Intelligence Report reveals that the number of spam messages dropped by 0.6% compared to September, Saudi Arabia remaining the most spammed, followed closely by Russia with almost 80% of the email representing undesired and ill-intended content.
Fake or rogue pharmaceutical related alerts were the most common, gambling and jewelry occupying the next two positions. The names and reputation of NACHA and ACH are the most affected, the two being the most widely deployed names in the subject lines of spammy emails.
When it comes to phishing, the UK was the preferred target of phishers with one in every 178 emails identified as being an attempt to steal credentials.
Malware also hit the UK, numbers showing that one in 146 electronic mail notes contained a malevolent attachment.
Even though the figures show a decrease in spam, by using shortened URLs they become more sophisticated as you can never know what these links might hide.
“Spammers are using a free, open source URL shortening scripts to operate these sites. After creating many shortened URLs with their own service, the spammers then send spam including these URLs. These particular spammers use subjects designed to attract attention, like 'It's a long time since I saw you last!', 'It's a good thing you came' and so on.
“This is a common social engineering tactic, and is designed to arouse curiosity, particularly if they have a false sense of security around the safety of shortened links” said Paul Wood, senior intelligence analyst, Symantec.cloud.
In October a hacker collective was discovered to be using 80 public URL shortening sites, most relying on the .info top-level domain to operate.
“It is possible that spammers are setting up their own URL shortening sites since legitimate URL shortening sites, which have long suffered with abuse, have slightly improved their detection of spam and other malicious URLs.
“It's not fully clear why the sites are public. Perhaps this is simply due to laziness on the spammers' part, or perhaps an attempt to make the site seem more legitimate,” Wood added.