Symantec Announces May 2010 MessageLabs Intelligence Report
Symantec Corporation today announced the publication of its May 2010 MessageLabs Intelligence Report. Analysis reveals that nine out of ten spam emails now contain a URL link in the message. In May, five percent of all domains found in spam URLs belonged to genuine web sites. Of the most frequently used domain names contained in spam URLS, the top four belong to well-known web sites used for social networking, blogging, file sharing and host other forms of user-generated content.
"Domains belonging to well-known web sites tend to be recycled and used continuously compared with 'disposable' domains which are used for a short period of time and never seen again," said MessageLabs Intelligence Senior Analyst, Paul Wood. "Perhaps this is because there is some work involved in acquiring them: the legitimate domains require CAPTCHAs to be solved to create the large numbers of accounts that are then used by spammers."
While Rustock is the botnet that uses the greatest number of disposable domains, Storm, which has recently returned to the spamming scene, is the only botnet that uses genuine domains in greater number than disposable domains. Sixty-five percent of spam from the Storm botnet uses a legitimate domain, many of which are for URL shortening services. Disposable domains are often used quickly after being first registered; and on average, 50 percent are used within nine days, before spammers switch to newer domains.
0 comments:
Post a Comment