Cisco Systems has released its annual Cybersecurity Report, which shows that spam email volume has increased once again. 65% of all emails sent are now spam, and Cisco reports that one fifth of those emails are malicious and contain malware-infected attachments or links to websites containing exploit kits and adware.
The report shows there was a massive spike in spam email volume in 2016, with many of those emails sent using the Necurs botnet. The Necurs botnet grew by around 200,000 IP addresses in June over just a couple of hours, and the botnet has continued to grow throughout the year. In addition to driving a spike in spam email, the Necurs botnet is also used extensively to spread malware such as the Dridex Trojan and ransomware variants including Locky.
There has been a marked change in spam email in recent years. Rather than spam being sent to increase traffic to websites to generate more sales, spam is now used much more frequently to spread malware and ransomware. Spam email is now becoming a commercial business, says Cisco Systems VP Steve Martino.
Just as the explosion in the use of ransomware can – in part – be attributed to the development of ransomware-as-a-service, the same can be said of spam email. Tools have been developed that allow anyone to build and conduct spam email campaigns without the need for any knowledge or technical skill. This spam-as-a-service model has seen many more players start conducting email spam campaigns over the course of the past 12 months.
In recent years, there has been a dip in spam email volume; however, email spam has spiked again and is now at a level not seen since 2010. The fall in spam email volume was due to takedowns of spam botnets and the arrests of some of the biggest spammers. However, spam is back in a big way.
Fortunately, inboxes are being kept relatively clear due to advanced spam filters developed by email and third-party antispam solution providers. However, cybercriminals are getting better at developing new techniques to evade these technologies, which places businesses at a higher risk of being infected with adware, ransomware, or other malware.
Cisco reports that during 2016, more than 75% of organizations were infected with adware. 80 adware variants were found to have been installed at 130 organizations. The adware variants were capable of many malicious activities, such as malware downloads, in addition to the injection of adverts.