The percentage of fraudulent emails in global spam traffic increased 20 times during the third quarter of 2011, rising to 2.0% of all spam traffic from 0.1% in the previous quarter, according to Russian antivirus software developer Kaspersky Lab.
In addition, the variety of social engineering techniques deployed has also increased. Attackers used traditional email offers on behalf of online games to steal user names and passwords, or fake notifications from major organizations, which then link to a phishing resource. But Kaspersky also found that multistage attacks, which combine messaging with other web activities, are becoming more common.
The third quarter saw phishing email volume increase slightly, accounting for 0.03% of all email traffic. The share of attacks on Facebook increased by five percentage points, meaning the social network climbed from fifth to third in the ranking of most popular phishing targets.
Spam levels fell steadily throughout the quarter, except for a spike in the last week of September. The average percentage of spam with malicious attachments, however, reached a record-breaking high of 5.3% during Q3.
Overall, in 3Q11 the average proportion of emails with malicious attachments increased by 1.17 percentage points, reaching 5.03%.
Spam is increasingly coming from developing countries. The top three sources of spam were India, Indonesia and Brazil.