Report: Global Messaging Threat

In this report, Cloudmark reminds us that SMS is a growing medium for spammers and malicious attackers. It’s easy to set up an operation (and just as easy to set up another one once the first is discovered) and it’s very difficult for law enforcement to keep up. But using intellligence from the Cloudmark-powered SGMA Spam Reporting Service,  UK regulators ICO (the Information Commissioners Office) seized equipment, paperwork and SIM cards that could have been responsible for over a million spam texts. Levels of spam took an immediate downturn, but were on the rise again by the end of the quarter, possibly because those paying for the spam had found new providers.  

Florida saw a recurrence of a cruise scam by Caribbean Cruise Line.  People were told that they won a free cruise, and just had to call a number (as aggressive blocking and filters made their task more difficult, the spammers started to use “creative” solutions like including characters within the phone number or spelling out some of the numbers.) Those who responded found out that they had to attend lengthy time-share presentations (which directly profited the cruise line) and then found that their “free cruise” came with many hidden costs. This resulted in Better Business Bureau complaints from hundreds of victims.

In Mexico, Cloudmark noted that, possibly due to the fact that developers who might turn to spamming in other depressed economies have greater access to US jobs, there appear to be no large-scale spam operations coming out of Mexico. However, because of a lack of control of bot-net machines by ISPs they are still a source of a great deal of International spam. They noted that 44% of the total e-mail traffic to the US from Mexico is spam, but 89% to Japan, and 96% to Ireland is spam. Cloudmark suggests that this could be improved by blocking the outbound ports that are used by SMTP, or passing those ports through a proxy that applies both policy- and content-based spam filtering. Looking at blocked IP addresses by country, the US is still leading and Romania is second, though they are being challenged by China for that spot. Germany continues to have it’s solid progress slowed by three ISPs who do not have spam safeguards.

Another method used by spammers includes taking advantage of highly publicized spam attacks. In their report Cloudmark looks at two such instances in this quarter. After the publicity of the Heartbleed bug, spammers e-mailed trojan horses to victims, telling them that installing them would protect them from Heartbleed. Spammers used the Ebay data breach as a hook to get victims to open e-mail that tried to sell them a background check service that had previously been subject to a number of complaints for unsavory business practices.