Spike in Volume of Spam Carrying Malware and ZIP Attachments

Symatec reports that the output of malware-carrying spam has tripled in August, while the number of junk emails containing .ZIP attachments has increased four-fold.

It seems that this unusual spike was caused by the Zbot and Sasfis distribution campaigns, which are still on going.

Both of the threats are computer trojans, and Zbot (or ZeuS) in particular is commonly used to steal online banking details and other credentials.

An increase in the volume of spam emails with HTML attachments containing malicious JavaScript code has also been observed towards the end of the month.

As far as origin is concerned, the EMEA (Europe, Middle East and Africa) region has been the most proficient and generated 43.17 percent of spam. It is followed by North America with 25.78.

The number of phishing emails has jumped by 11 percent in August compared to the previous month, a change primarily attributed to automated tookit attacks, which doubled.

"Unique URLs increased slightly by 3 percent, and phishing websites with IP domains (for example, domains like http://255.255.255.255) increased significantly by about 147 percent," the Symnatec researchers write in the monthly State of Spam and Phishing Report (PDF).

United States remains the primary source of phishing emails and websites and accounts for over 50% of them. It is followed by Germany, Canada, United Kingdom and France.

Fourteen percent of phishing websites were hosted on free web hosting services and 87% of attacks targeted the financial sector.

Internet services was the most popular spam category, along with products, health, financial and 419 scams.

The number of .com spam URLs has risen by almost 8% and is now situated at 67%, while .ru addresses have decreased by half.

"Symantec advises users to exercise caution when opening attachments in email messages. Users should also ensure that their operating system is up-to-date and a comprehensive security suite has been installed," the company says.