The report said that one in every 416 email messages sent between July and September contained a dangerous attachment designed to infect the recipient’s computer.
This was a “staggering” eightfold rise compared to the previous quarter, where the figure stood at one in 3,333 emails.
This increase was attributed partly to several large-scale malware attacks made by spammers, according to the report.
The worst single attack was the Agent-HNY Trojan Horse, which was spammed out disguised as the Penguin Panic arcade game for Apple iPhones.
Other incidents included the EncPk-CZ Trojan which pretended to be a Microsoft security patch, and the Invo-Zip malware, which masqueraded as a notice of a failed parcel delivery from firms such as UPS.
Confirming a trend, the most widespread attacks recorded by Sophos were aimed at Windows users, as opposed to Unix or Mac OS X.
"For Apple Mac and Unix lovers, these major spam attacks just mean a clogged-up inbox, not an infected operating system. But organised criminals are causing havoc for Windows users in the hunt for cold hard cash," said Graham Cluley, senior technology consultant at Sophos.
"Too many people are clicking without thinking – exposing themselves to hackers who are hell-bent on gaining access to confidential information and raiding bank accounts. The advice is simple: you should never open unsolicited attachments, however tempting they may appear."
In August, Sophos released a warning of a widespread wave of spam messages claiming to be breaking news alerts from MSNBC and CNN. Each email encouraged users to click on a link to read the news story, but instead, took unsuspecting users to a malicious webpage which infected Windows PCs with the Mal/EncPk-DA Trojan horse.
"When a spam email appears to come from a trusted source, too many users are fooled and end up clicking through to a malicious webpage," remarked Cluley.
"The naivety shown by many internet users is downright dangerous. In the past hackers were more like teenage mischief-makers breaking into sheds to see what they could find. Today they’re hardened criminals wearing hobnail boots with no qualms about breaking into your home and stealing everything they can get their hands on."
The United States was the origin of the most amount of spam at 18.9 per cent, followed by Russia (8.3 per cent, soaring from 4.4 per cent last year), Turkey (8.2 per cent) and China (including Hong Kong, 5.4 per cent).
Australia, which traditionally ranks low on this scale, took 32nd place, with less than one per cent of the world’s spam originating here.
"Insecure computers, wherever they are in the world, are a spammer’s dream – they can be easily hijacked remotely and joined to sprawling networks of botnets designed to create chaos by sending floods of spam and carrying out denial-of-service attacks," explained Cluley.
“The message needs to be heard loud and clear: if you don’t properly defend your PC you are not only putting your data, finances, and identity at risk, you are also endangering other members of the internet."
Email spam increases eightfold; Agent-HNY blamed
By Staff Writers on Oct 28, 2008 3:24PM