Phish Tastes Better Than Spam

Thanks to Shravan Shashikant and the Norton Confidential Online team for providing the data, and to Christopher Mendes for compiling it.

Does phish taste better than spam? Yes, perhaps it does. Allow me to explain.

The recent past has been one of the most volatile financial periods in history. World economies have reached a very critical stage—sovereign debt crises, bailouts, loan defaulters causing banks to shiver, sales shrinkages causing trade surplus, and bankruptcies. Add to all of this the fears of a double-dip economic recession theory making the rounds and it looks like a really dreadful picture.

But how does this affect the consumer from the point of view of email security? The consumer is the fulcrum point, the hinge of the story! All these negatives hit consumer spending in a very big way. The first wave of recession definitely dented consumer confidence, and with the “Double Dip” theory lurking on the horizon, what happens next is anybody’s guess. Logically, then, consumers felt their money was safer in the bank than in their wallet. The pangs of recession have definitely affected the world economy and consumer spending.

This volatile economic state has perhaps impacted the strategy of email spammers in a very defining way as well, especially from the point of view of pushing additional spam mails. A paradigm shift is being observed from spam to phishing. Therefore, it is worth lending some thought to the modus operandi of spammers.

A major source of survival for spammers is consumer spending. With the recession eroding world economies, consumer spending has taken a major hit. Spammers, who thrived on luring consumers to spend money, have definitely been dealt a severe blow. After all, who is going to be lured by spammed products during tough financial circumstances? What a spammer logically goes after next is the money in your bank account rather than the money in your purse. In other words, spammers will shift to baiting consumers with phishing emails to try and steal banking credentials when they know their spam campaigns aren’t working.

To see if this argument holds weight, let’s look at the graph below, which explains how spamming and phishing have panned out from the time the last recession hit us. Perhaps the world economic scenario itself is reflected:

The spam trend lines show a gradual but decisive move from the time the last recession struck. There was a recovery that was not sustainable and then there was a gradual decline. But the last twelve months, during which world economies struggled to remain buoyant, have been decisive. This is also reflected in the spam and phish demography.

There is a clear divergence visible in the chart during this time: a steady fall in the volume of spam and a steady rise in the phishing volume. Of course, the spam volume is definitely huge compared to the phishing volume. But the movements are noteworthy, keeping the global financial status in mind.

Coincidentally, another major event that took place during this time (around mid-March 2011) was the forced shutdown of Rustock. This event also triggered a drop in global spam volumes by one-third. However, the overall declining spam trend was seen well before this shutdown took place and can be traced from August 2010:

The average volume of phishing increased sharply, by a whopping 49%, between August 2010 and August 2011, compared to the average phishing URL volume seen between February 2009 and July 2010. On the other hand, during the same time frame, the volume of spam fell drastically, by 42%. In other words, the point at which phishing began to rise is close to when financial jitters reared their ugly head and spam volumes dropped off.

Therefore, what people need to focus on during difficult financial times is not only protecting their wallets and purses, but also their credit cards and any money in the bank. Remember, in difficult times, phish tastes better than spam! We at Symantec are closely monitoring these ripple effects. We would like to remind you to keep your security products updated to stave off all such malicious advances from spammers who will just as easily don a phishing hat and try their luck hooking into your bank account.