|
MOUNTAIN VIEW, CA, April 12, 2005 – Commtouch® (NASDAQ: CTCHC - News), the developer of ground breaking RPD™ technology for real time anti-spam and zero-hour virus protection, today announced that financial fraud is becoming an increasingly significant aspect of global spam. The announcement was based on data from the Commtouch Spam Detection Center, which analyzed hundreds of millions of spam messages in the month of March 2005.
“Our analysis shows that financial fraud now accounts for 9 to11% of global spam, up from 3 to 5% a year ago,” said Oren Drori, director of product marketing at Commtouch. Drori also noted that this figure can reach 15% in peak months.
Financial Fraud Resistant to Standard Spam Filters; Only Content-Agnostic Approaches Can Effectively Block It
“The growing proportion of e-fraud shows that spam is more than just ‘direct marketing gone bad’ and attests to the growing sophistication of financial fraud techniques,” said Drori. “In cases where even educated recipients have difficulty distinguishing between standard business correspondence and fraudulent messages, it is next to impossible for spam filters to identify frauds by their content or format. Only filters that are independent of format and content can be effective. “
Most financial-fraud spam belongs to one of three categories: Phishing, stock-manipulation schemes, and ‘Nigerian stings’. According to Drori, stock manipulation schemes are most prevalent (83-92%), but phishing causes the largest financial losses.
“Nigerian Sting”
Fraud can be stranger than fiction, and the new breed of spam fraud includes a creative assortment of tall tales – many of them variations on the famous Nigerian Sting involving the desperate daughter of an African despot. Typically, these e-frauds convince recipients that they are helping extraordinarily wealthy but momentarily trapped individuals – by enabling these strangers to make huge deposits into recipients’ accounts. Needless to say, as soon as recipients send their account details via email, their accounts are immediately emptied.
Pump&Dump: To Buy or Not to Buy
In Pump&Dump spam fraud, spammers invest in a specific stock and then “tip” millions of recipients, convincing them to invest in the same stock. When a critical mass of recipients buys in, the stock’s value is artificially “pumped up”. As soon as this happens, spammers “dump” their own shares, at a nice profit. Following this massive “dumping” the stock’s value typically plummets, leaving the new investors smarting from the loss.
The entire operation can take just a few minutes – long enough to cause a glitch in the stock value, and leave thousands a bit poorer than before. Most Pump&Dump schemes involve unknown and negligible stocks, in small stock exchanges. Some of the ‘recommended’ stocks belong to companies that have already ceased operation and were chosen by the spammers simply due to their web-based profiles and low trade-volume. Looking back at 2004 spam-promoted stocks, it is clear that in most cases their value has dropped by 60-95%.
“Our advice is simple,” says Commtouch’s Drori. “Ignore any tips you receive from unknown sources. If a stranger recommends a specific stock, it is probably to promote his own interests, not yours.”
Phishing: Don’t Let Them Bait You
Industry analysts agree that Phishing continues to be the single most dangerous type of email fraud, accounting for larger financial losses than any other scheme.
Phishing leverages recipients’ natural inclination to cooperate with their own financial institutions (credit card companies, banks, electronic wallet services). Typically, a message that looks perfectly authentic requests recipients to click on a hyperlink and type their secure access code. Many recipients follow these instructions – giving fraud spammers free access to their accounts. In some cases, their account is emptied within minutes. In others, only a modest amount is charged (say a one-time $50 charge), and victims may remain oblivious to the robbery.
Legitimate financial institutions are extremely unlikely to request secure access information via email. For your protection, always verify any such email request by calling your financial service provider directly.
Financial Fraud: 10.40% of Global Spam
The Commtouch Lab reports that during the month of March, financial fraud accounted for 10.40% of global spam. The only category more prevalent than e-fraud was drug sales (22.40% of all spam). Merchandising of Viagra, software and pornography each account for less than 10% of spam, and mortgage/refinancing offers totaled 9.14% of spam.
Top spam topics for March 2005:
Drugs 22.40%
Financial Fraud 10.40%
Viagra 9.62%
Mortgage/Refinance 9.14%
Software Sale 6.87%
Porn 6.65%
Geography of Spam in March 2005:
According to the Commtouch Lab, the dubious honor of being the world’s largest spammer has been in the hands of the U.S. for over a year – but in March 2005 South Korea claimed this position. During that month, a full 35.41% of global spam originated in South Korea, compared with 19.82% from the U.S. Spammers in the European Union disseminate roughly as much spam as those in the U.S.
The Source of Spam – Breakdown by Country:
South Korea 35.41%
United States 19.81%
China 13.57%
France 4.37%
Spain 3.06%
Japan 2.85%
Canada 2.27%
United Kingdom 1.80%
Countries Hosting Spammers’ Websites
The vast majority of spammers (63.70%) continue to host their web sites in China, reports the Commtouch Lab. Brazil and the Russian Federation are also popular web hosts among spammers:
China 63.70%
Brazil 11.34%
Russian Federation 9.67%
Hong Kong 9.40%
United 3.96%
Taiwan 0.91%
South Korea 0.53%
Domains Used by Spammers
As for networking services, spammers continue to prefer the large free-email providers, such as Yahoo and Hotmail:
yahoo.com 11.4%
hotmail.com 5.8%
msn.com 4.5%
shaw.ca 1.6%
o2.pl 1.7%
|
