HTML spam breaks banks, floods PCs

Spam campaigns using emails with infected HTML attachments accounted for around two and eight percent of all spam, according to Sophos.

The security company said this security threat was particularly rampant over the past four months but June and September were hit the worst with this spam accounting for eight percent of all email threats.

However, it seems the spammers may have been on their summer holidays in July and August with these figures falling to two and three percent.

Graham Cluley, senior technology consultant at Sophos said that part of this was down to a large number of malicious spam with embedded HTML attachments (detected as Troj/JSRedir-BO), and was associated with Facebook password resetting tasks, the FIFA World Cup and Skype in June.

“SophosLabs saw further waves of mass-spammed JavaScript redirectors in September, which had been detected as JS/WndRed-B,” he added. This, he said was driven by HTML documents, which directed users to scareware pages pushing fake antivirus software

The company also said that the the majority of rogue HTML files served in this manner consist of phishing pages or contain JavaScript code that redirects users to malware pushing websites.

“Instead of setting up a bogus financial website, scammers insert the phishing contents directly into the HTML attachment,” Mr Cluley said.

The JavaScript redirect method is much more common and the second half of September has seen waves of emails with random subjects, content and attachment names.

And it seems we have to stay on our guard, with Sophos claiming that the spamming will continue.

“SophosLabs has no reason to believe that this pattern is likely to change in the next few months,” the company said.