Cyber-Criminals Have Now Turned to Social Networks, While Trans-Border Cooperation Is Needed to Cut Spam, Experts Say
The quantity of spam e-mails generated in the world dropped in the final quarter of 2010 and January this year, the BBC reported, citing the latest figures from Symantec Hosted Services. This trend also affected Russia, experts say. Several legislative measures curbed spam worldwide and in Russia specifically, but a more transnational synthesis of these measures may be needed to bring spam to heel. “One of the most important events was the closure of the affiliate program ‘SpamIt,’ which used to distribute pharmaceutical spam. As a result, the amount of e-mails advertising medicine has fallen from 31 to 21 percent since the end of September,” said Andrey Nikishin, the head of the Cloud & Content Technologies department at Kaspersky Lab. However, the volume of e-mails containing malicious software has simultaneously increased: spammers have turned from advertising medicine to sending out malicious programs.
The legal fight against spammers has been effective. In the United States and the United Kingdom dozens of Eastern European citizens suspected of spamming have been arrested and charged with using the “ZeuS” malicious software for personal gain. In the Netherlands law-enforcement agencies deactivated a spam-bot network of 143 computers infected with the “Bredolab” malicious software. The person suspected of controlling the spam-bots has been arrested.
In Russia, a criminal case has been opened against Igor Gusev, the head of “Despmediya,” the company selling counterfeit pharmaceuticals, including Viagra, in the United States, Canada and other countries using spam technology and the “Glavmed.com” affiliate program. “Some experts believe Gusev is the world’s top spammer,” said Nikishin.
In Russia, the volume of spam traffic dropped in the beginning of 2011 because of the extended winter holidays, say analysts. “This has been the trend over the last several years. Spammers rest during the first ten days of January. The majority of spam e-mails in Russia advertise goods and services, but the companies that produce these goods and services do not work until January 10. Many users of mail services also take a break. If people aren’t reading spam e-mails there is no sense in sending them. That’s why the amount of fishing Web sites and criminal spam also decreased,” Nikishin explained. “Moreover, many infected computers were switched off over the winter holidays. So the capacity of spam networks also dropped. Probably, spammers wanted to send more e-mails but simply did not have the opportunity,” he added.
However, a temporary cessation of spamming and cyber-crime does not mean it has been stopped. They are looking for new ideas and technologies, experts say. “In 2010, Russia’s cyber-crime market was estimated at about $1 billion. And it will increase,” warned Ilya Sachkov, the general director of Group-IB and a member of the Committee against Cyber-Crime at the Russian Association of Electronic Communication (RAEC). “Last year showed that the imagination of cyber-criminals is gaining momentum. We saw a lot of new things: an increase in seriously financially damaging crime, fraud on Internet banking systems, different affiliate programs, hacker attacks on large Russian and international companies. The new architecture of viruses shows that these programs were designed by people with large budgets,” he said.
Most spammers and cyber-criminals in Russia are private individuals who “work” from home. Often they combine their illegal activity with studying or a main job. A second group is made up of companies which provide some services warranted by law, such as Web design and search engine optimization, but also make a profit from distributing spam. Then there are large organizations which provide the whole range of spam services from malicious software development to e-mail distribution.
But such large organizations are an exception because now spammers do not need to spend much money for software engineering and personnel. They can just buy a “full service package” to carry out their illegal activity. This kind of package includes a database of e-mail addresses, software for spam distribution, a Web-connected personal computer or server and a template message.
According to experts, only two to three percent of Internet users in Russia buy goods and services advertized by spam. So “professional” Russian spammers still prefer to focus on foreign markets – the United States and Western European countries where there are large Internet audiences and developed systems for online payments.
However, the growing amount of small payments via SMS in Russia over the last few years has increased the appeal of the “domestic market” and led to the development of numerous fraudulent Web sites and affiliate programs. “There are two basic ways spammers receive their income. They can get a fixed percentage from the amount of money which Internet users pay for goods and services advertised by their spam e-mail. Or they can also receive a single fixed payment from the client for sending out spam,” said Irina Levova, the coordinator of the Committee against Cyber-Crime at the RAEC. “The first way works effectively in the case of sending spam e-mails abroad, while the second is mainly used in Russia.”
Experts forecast a growth in spam on social networks in 2011. “Spam on social networks is especially dangerous because most messages are distributed from a user’s hacked accounts to their ‘friends.’ Moreover, fraudsters are becoming more advanced in wording messages,” Sachkov said. “According to data by Sophos, the amount of spam on social networking sites increased in 2010 by 70 percent. The number of users on social networks continues to grow. Therefore we can suppose that this trend will continue in 2011.”
Russia recently developed its law “On Information Protection.” The amendments will include criminal, administrative and civil responsibility for spammers. The most controversial issue is the definition of spam. The RAEC suggests defining spam as the messages considered to be spam by the recipient and which also meet certain legal criteria.
Analysts believe that changing the law may make the fight against cyber-crime and spam more successful. But these efforts need to be made in all countries. “Cyber-criminals know the law well and build businesses which take into account the legal peculiarities of different states. Unfortunately, they have not reached their potential yet, and 2011 could see an explosion,” Sachkov said.
“One example of an effective legal measure against spam is Australia’s Spam Act. It led to a significant reduction in the number of spammers in the country, but did not affect the amount of spam in Australia’s e-mail inboxes because most messages were sent from abroad. This brings out the global nature of spam. To fight against cyber-crime and spam efficiently, trans-border cooperation is needed. This kind of cooperation is impossible without a transnational legal framework – united international standards using information exchanged between countries,” Levova concluded