Drug ads make up three quarters of all spam

Advertising for discount pharmaceuticals, most of which are likely to be counterfeit, now accounts for a staggering 74 per cent of all spam email, according to the latest report from security firm Marshal8e6.

The biannual TRACElabs report (available here) found that the volume of spam rose by 60 per cent in the first six months of 2009, and now accounts for 150 billion messages a day - 90 per cent of all email.

Much of the spam traffic is driven by botnets – a group of compromised computers that forward spam, often without their owners knowledge. One botnet in particular – called Rustock – is responsible for 40 per cent of all spam and focuses almost exclusively on pharmaceuticals and related products.

“Rustock typically uses HTML templates from legitimate newsletters and inserts, or blends in, its own images and URL links,” commented Bradley Anstis, director of technology strategy at Marshal8e6.

“This helps give Rustock spam the appearance of professional, legitimate email which tricks recipients into clicking on the links or buying the advertised products."

The ‘Canadian Pharmacy’ programme is a huge driver of spam, perhaps as much as 50 per cent, and is being actively spammed by at least eight distinct botnets, including Rustock, according to the report.

During 2008, researchers claimed the Canadian Pharmacy business was generating $150m in profits.

Many of us may have become conditioned to ignoring spam, but there is a rising trend to use it as a platform for other, more sinister system attacks, a phenomenon known as a blended threat campaign. The objective is to fool users into installing malware or fake antivirus packages known as ‘scareware’.

Social networking sites – including Facebook and Twitter – have been compromised in recent months by hijacking malware programmes, according to the report.

Marshal8e6 makes a number of recommendations for enterprises and computer users to guard against these threats, including:

• maintaining good anti-spam protection;
• secure web browsing via the restriction of executable files and other malicious content;
• keeping web browsers and add-ons up to date;
• educating workers about dangerous practices such as following links in unsolicited mail;
• maintaining a robust password policy;
• Using browser security add-ons which limit execution of Javascript, and;
• Keeping personal information off blogs and social networking sites.