The Nigerian 419 scam has returned to plague e-mail inboxes once again, with Symantec’s February 2010 spam analysis reporting that old-style social engineering fraud is at the highest levels ever measured by the company.
Although most spam is still made up of stock pharmacy and other product pitches, 21 percent of the phenomenon now comes from phishing fraud of various types. After a period of years on the wane, the 419 scam has risen to 7 percent of all spam.
According to the authors, part of the explanation for the comeback could be world events such as the earthquake in Haiti, which causes a temporary susceptibility to money scams which ask for “donations” via e-mail. Criminals appear to have picked up on the trend to give money, hijacking agencies such as UNICEF to push the scam.
In fact, there is plenty of evidence that the 419 scams have never gone away at all, simply been supplanted in the minds of researchers by newer and more novel threats.
Other interesting tidbits include that 92 percent of adult phishing scams – those pushing porn – happen on or using social networking websites, an indicator that criminals value such communities as much as their users.
The monthly report has a few notes of optimism, such as the decision by the authorities in China to tighten the rules on registering .cn (China) domains from outside the county, which has reduced spam using URLs with a .cn suffix by half. Nevertheless, the .com remains the most popular suffix, used in 68.6 percent of spam URLs, with around a quarter of all spam arriving via US-based hosts.
Spam statistics fluctuate from month to month, but vendor reports act as an early warning of new trends. One thing is clear though. Spam tactics, including the 419 attack never die but simply go temporarily out of fashion until enough time has passed that a new generation of victims can be found