Connect with us

Hi, what are you looking for?


Email Security

Spam Rate Hit 55% in September: Symantec

The spam rate of overall email dropped slightly over the past couple of months to 55% in September, but remains above the year average, a new Symantec report reveals.

The spam rate of overall email dropped slightly over the past couple of months to 55% in September, but remains above the year average, a new Symantec report reveals.

Spam rate last month remained above the 54.3% average registered last year, but went as high as 59.4% and 56.4% for the Mining and Manufacturing sectors, respectively, Symantec points out in the Latest intelligence report for September 2017.

Driving spam rate up were massive malicious campaigns dropping variants of the Locky ransomware. During mid-September, six massive Locky distribution runs were observed.

At 55% in September, the spam rate was also higher than the 54% rate that Symantec previously reported for the first half of the year.

Email remains a favorite distribution method for cybercriminals, with users being twice as likely to encounter malware via email, compared to other infection vectors, Symantec says. In their Email Threats 2017 report (PDF), the company also revealed that one in nine users had at least one malicious email sent to them during the first six months of 2017.

Phishing rate came in at one in 2,644 emails for September, slightly down for the second month in a row, but still well above the rates seen earlier in the year, the security company says. In July, phishing rate reached a 12-month peak at one in 1,968 emails.

According to Symantec, spambots remain the primary culprits in the distribution of spam emails, with Necurs (the largest amount of malicious email activity in 2017), Gamut (focuses almost exclusively on advertising spam), Tofsee, BlankSlate, and Waledac being some of the most popular of them.

For malicious payload distribution via email, attackers either use URLs or attachments, with the latter method being the most popular, accounting for 74% of the malicious emails in the first half of 2017.

Advertisement. Scroll to continue reading.

Email malware increased in September as well, with one in every 312 emails carrying malicious code, the security company says. Thus, September was the sixth month to register growth in email malware. At one in 120 emails, the Agriculture, Forestry, & Fishing sector was impacted the most, followed by the Mining industry at one in 196 emails.

Another noteworthy event in September was the discovery of new links between attacks against the energy sector and the Dragonfly group. Dubbed Dragonfly 2.0, the campaign that Symantec has been monitoring since late 2015 has known victims in the United States, Switzerland and Turkey.

Related: Massive Spam Runs Distribute Locky Ransomware

Related: Hackers Target Control Systems in U.S. Energy Firms: Symantec

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how to utilize tools, controls, and design models needed to properly secure cloud environments.


Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.


People on the Move

Mobile security firm Zimperium has welcomed David Natker as its VP of Global Partners and Alliances.

CISA has appointed Jeff Greene as Executive Assistant Director for Cybersecurity and Trent Frazier as Assistant Director for Stakeholder Engagement.

David Chétrit has been appointed the CEO of Kudelski Security.

More People On The Move

Expert Insights