What Do India, Rolex and Viagra Have in Common? Cisco Knows!

It may sound like the setup for a cheesy punch line, but just for fun, try it out on your friends: What do India, Rolex and Viagra have in common? The answer? They’re all invading your inbox. The venerable folks at Cisco have just released their 2013 Annual Security Report, and as you might expect, it contains a wealth of information detailing all the ways the cyberpunks, crooks, scammers and spammers are working hard to make your day more memorable.

Some of the highlights of the article are head turners, for sure:

  • Android malware has grown 2577% over 2012
  • Mobile only makes up 0.5% of total web malware encounters
  • Online advertisements are 182 times more likely to deliver malicious content than pornographic sites
  • Global spam volumes are down 18% overall, with spammers keeping banker’s hours for a 25% drop over the weekend.

Banker’s hours, huh? Yet another reason to hold disdain and contempt for spammers. Of course, not all the information contained in the Cisco report is eyebrow-raising, although it’s still very interesting. We’ve known for a while that India’s contribution to the world includes more than delicious curry and high-tech prowess. The country continues to top the list of the world’s biggest sources of spam. The breakdown of the top ten spam producing countries is as follows:

  1. India 12.3%
  2. United States 11.38%
  3. Korea 4.6%
  4. China 4.19%
  5. Vietnam 4.0%
  6. Russia 3.88%
  7. Brazil 3.6%
  8. Saudi Arabia 3.6%
  9. Taiwan 2.94%
  10. Poland 2.72%

Again, there are few surprises in the list; however, the U.S. has solidly taken prominence in its contribution to spam volumes, having moved from sixth spot to second. And it is interesting to see Korea and Vietnam place so prominently, while the absence of countries that tend to show up on these lists – like Canada and Nigeria – is notable.

Spam volumes, the report states, continue to be on the decline, but Cisco’s research notes that “spam remains a go-to tool for many cybercriminals, who view it as an efficient and expedient way to expose users to malware and facilitate a wide range of scams.” In fact, despite the perception that spam deploys malware payloads through its email attachments, in fact, “Cisco’s research shows that very few spammers today rely on this method; instead, they turn to malicious links within the email as a far more efficient distribution mechanism.”

The report also notes that spam is more targeted and less “scattershot” than in the past, “with many spammers preferring to target specific groups of users with the hope of generating higher returns.”

Name brand pharmaceuticals (like Viagra) and luxury watch brands (like Rolex) are highly-promoted items, while spammers use events and holidays to promote most heavily.

“Over time, spammers have learned that the quickest way to attract clicks and purchases—and to generate a profit—is to leverage spoofed brands and take advantage of current events that have the attention of large groups of users.”

Overall, there was an 18% decline in spam volumes between 2011 and 2012. Cisco points out that spammers continue to minimize effort and maximize results. Spam volumes fall on the weekends, when users are AFK, and rise on Tuesdays and Wednesdays (10% higher than other weekdays), proving that spammers, too, believe that Mondays are useless and need to be done away with.

Cisco notes that this schedule allows spammers to live ‘normal lives,’ but that “it also gives them time to spend crafting tailored campaigns based on world events early in the week that will help them to generate a higher response rate to their campaigns.”

The report points out that there were several examples in 2012 of spammers taking advantage of world events and human tragedy with the intent of scamming email users.

Superstorm Sandy is one significant example, where “Cisco researchers identified a massive “pump and dump” stock scam based around a spam campaign. Using a pre-existing email message that urged people to invest in a penny stock focused on natural resource exploration, the spammers began attaching sensational headlines about Superstorm Sandy.”

Oddly enough, the spammers used unique IP addresses to send batches of spam emails, and have not used those addresses since.

Language use was notable, too. Spammers, Cisco discovered, “focus their efforts on creating spam messages that feature the languages spoken by the largest audiences who use email on a regular basis.”

According to Cisco research, the top languages used in spam messages during 2012 were English, Russian, Catalan, Japanese and Danish.

Written by Malcolm James

0 Comments

  1. Cass · February 6, 2013

    OMG, the growth in Android malware is just shocking! And if mobile malware is only 0.5%, then it can be expected that Android malware will continue to rise far beyond this.
    The second thing that impressed me was the 18% drop. This is much more believable than what some other reports say. Still, I think that even though the volumes are dropping, the risks are higher because messages get crafted more. It looks like spammers have moved from quantity to quality, which is bad for us.

  2. Jessica Langley · February 18, 2013

    Online advertisements are 182 times more likely to deliver malicious content than pornographic sites—I definitely understand this one. Don’t get me wrong, okay. I am not into porn, but I see the logic. One of the foremost reasons is the filters that search engines and advertising networks use. Besides, a lot of Internet users are prudes. They immediately report any kind of pornographic material that accidentally reaches their searches or their inboxes. In other words, porn still remains a very specialized market.
    This report is actually very interesting, offering something new to me. Thanks!

  3. Augusto · February 21, 2013

    That Android thing is downright scary! If I were to believe this—and taking some points from Cass—if only 0.5 percent can be attributed to mobile spam and yet Android malware is increasing, then it only means that the Google baby is extremely unsecured. And they have the nerve to talk about how secure these apps are or how they have upgraded their OS continuously. If I remember, around a year ago, more than 50 apps that contained malware were inadvertently approved. To add to that, Android devices are the fastest-selling in the market because the OS is open source.

  4. Johnny · February 22, 2013

    Why is there no Cialis on the list? Anyway, if there’s one thing I can conclude from the article, it’s that spammers make good marketers. They may even be better than the professional legitimate ones because they really take the time to study “consumer” behavior, a skill that is severely lacking from professionals these days. So even if there’s a supposed decline, they still get some results at the end of the day. If only these spammers would turn toward the bright side, more businesses, particularly small ones, can achieve success online.

  5. Nadina · June 2, 2013

    “Android malware has grown 2577% over 2012.” – This statement grabbed my attention as I am an avid Android user. This can be a confirmation of what one friend told me – that Android is a virtual haven for spammers. I have no idea why, although I am quite convinced by Augusto’s statement that it is an unsecured platform. Maybe the fact that it is an open source contributes to Android’s risky security image? I can’t afford to switch mobile phones at the moment, so I’ll just have to find a good anti-spam for my phone – and then pray!

Leave A Reply