In the United States, 73.8 percent of email traffic was spam—mass-mailed, unsolicited, messages used for advertising or to distribute viruses and malware, according to Symantec’s monthly intelligence report [1]. One in 1.35 emails is spam, according to the report. It also says the global rate ratio of spam in email traffic remained relatively unchanged from September to October. Symantec collects data on spam from more than eight billion emails processed at 15 data centers to get a clear picture of most current tactics being used by hackers and spammers. 

One of the ways Symantec monitors the threat landscape is by watching spam email subject lines. "We definitely see a 'top' spam trend on the spam subject line list because the appearance on the list indicates high-volume spam," said a Symantec spokesperson.

"For subject lines, spammers are doing everything in their power to make the recipient click and open the message. If the recipient looks at the inbox and immediately deletes the message because the subject line is 'Click here to buy fake watches,' then there is no return on investment. But, if the subject line is something interesting, then it’s more likely for the message to be opened by the recipient," he said.

The past month was dominated by malware spam using subject lines made to trick users into thinking they needed to take some kind of action. Many spam subject lines imitate emails coming from trusted senders like friends, payroll offices, or delivery services. The emails usually include malicious links that allow spammers to steal information or add a PC to an existing botnet.

In October the top five subject lines were “NACHA security nitification [sic]”, “ACH Payroll Cancelled”, “ACH Transfer Review”, “Re: Back to School Software Sale”, and “Facebook Administration has sent you a notification.”

In September, the top five spam subject lines were “UPS Notification”, “Uniform Traffic Ticket”, “You have notifications pending”, “SALE OFF: Pharmacy store!”, and a blank subject line.
The most common category of spam in October was pharmaceutical related. The second most common was related to adult sites or dating. Spam pushing prescription drugs accounted for 37 percent of spam in October. Two and a half percent advertised sex or dating.

The most common spam subject lines tend to change depending on current events and effectiveness. Four of the top subject lines for October had to do with financial transactions or Facebook.

Spammers are targeting what people are interested in, said Kevin San Diego, vice president of product marketing at Cloudmark, a messaging security company that provides infrastructure and technology to fight message abuse for systems from SMS to social media. "Certainly they keep advertising for it so there must be a market for people who have tried to purchase those products," he said of the top spam.

San Diego says companies using spam marketing often aren't selling anything at, but looking for ways to get your information so they can sell it to third parties.

"These subject lines show that spammers continue to be creative and use diverse topics for subject lines even if the content is the same, malware in this case. Malware has been on the rise, as documented in recent Symantec Intelligence Reports, and we will probably continue to see various brands spoofed for malware spam," Symantec said.

They Symantec spokesman noted that spammers also try to randomize subject lines to get more emails past spam filters. "It is entirely possible that a large spam campaign could be absent from that list because the spammer may choose to randomize the subject line. So this is why I said that  [the subject line] one of many views we look at," he said.

I asked other Security Management editors to send me the subject lines of the five most recent spam messages they received on an outside email provider to see how closely they followed the trends outlined by Symantec. Continue to the next page to see subject lines we've received:

Of 20 emails we received in our own spam folders:

7 were adult/dating related. (35%)

4 were pharmaceutical related (20%)

4 were retail related

1 was related to current events

1 looked like it could possibly be a legitimate email, but probably wasn't.
 

Associate Editor Laura Spadanuta [2], Intelligence

1. BUY VIAGRA AND CILAIS NOW
2. Super Replicas - Luxury Watches, Bags, Jewelry
3. Dirty Truth you need to know on Penis Enlargement
4. Experience new levels of pleasure
5. Buy Cialis online

Associate Editor Matthew Harwood [3], Homeland Security

1. S,C$H=O$0 +L |G ^IR `L % S -E_X )
2. e-gazete (26 EKİM) Gönderim sayısı 71 BİN (GAZETELERİMİZ GECE SAAT 23.59'DAN SONRA GÜNCELLENMEKTEDİR)
3. Net-Temps News: Job Hopping On Your Resume
4. Jobs & Courses (26 Oct 11): Red Gate, Parker, RFD Beaufort, Samuel Heath
5. Free Glucose Meter, Diabetes Testing Supplies & Shipping

Associate Editor John Wagley [4], Technofile

1. Half Off at JV’s Restaurant
2. Mitt Romney: Mr. One Percent
3. 64% off Dance lessons
4. Two-thirds off acupuncture
5. Cozy sweater dresses and sweet boots

Assistant Editor Carlton Purvis [5]

1. Oil specialist job
2. Contributed sexual penis pills watch
3. Grow your penis size
4. Hi, this is Samantha Sheldon. MESSAGE ME when online.
5. Hey! There is a party tonight…YOU ARE INVITED!

photo by mattwi1s0n/flickr [6]

Thumbnail: