Until recently, the majority of spammers relied on messages selling male enlargement and sexual performance pills. However, the new trend appears to be promoting items such as inexpensive jewelry, knock-off watches and pens.

Marshal TRACE’s security researchers report that the recent increase in the sale of such products has finally broken the two-year abundance of health-related spam that has been flooding the inboxes of email users worldwide. Until recently, the sale of health products comprised approximately 75 to 80% of the total Internet spam. The emergence of product spam reveals how much the spam market has increased in terms of sophistication.

Bradley Anstis, Marshal’s Vice President of Products, explains that the significance of this new trend of spam that promotes software and jewelry products; it reveals an awareness on the part of the spammers regarding the purchasing patterns of customers and their preference for a certain type of product.

The percentage of health-related spam selling pharmaceutical products and herbal medicines has continued to decrease from 80 to 45% since January 2008. On the other hand, product spam promoting items such as replica clothing and watches and pirated software has increased from 12 to 46%.

Both types of spam comprise more than 90% of the total spam. This new trend has been initiated by a group of prominent spammers. Because they control such a large number of botnets, they are able to alter the worldwide preference for spam products.

Prominent botnets such as Srizbi, Pushdo and Mega-D feature in the latest trend of spam. Spammers use them to send remarkable amounts of spam promoting replica products, and the items reveal a surprisingly high rate of consistency. Spam goods are being promoted under brand names such as Herbal King, Canadian Pharmacy, Prestige Replicas and Exquisite Footwear.

Marshal believes that this current shift away from health-related spam to product spam reveals that spammers have recognized the trust felt by consumers for the new type of replica products being promoted.

A recent outbreak of malicious spam is reportedly responsible for 45% of the total spam online.  The Srizbi is a renowned Trojan that is advanced and effective.  This spamming malware has managed to increase the spam that contains the URLS to websites that also host more copies of the malicious program.  The program is designed in such a way that it is able to conceal its treacherous network activities and remain undetected by sniffer products.

The spam messages include a link that allegedly contains a naked movie of the recipient.  The message is made more convincing by using the recipient’s actual name and advising the read to watch the video to see that it’s true.  Unfortunately, as soon as the user clicks on the link, his or her system becomes infected and forms a growing part of the Srizbi botnet.

The spammers involved are taking advantage of naïve recipients who are quick to view the fake footage.  These unsuspecting individuals have no idea that the message actually contains malware meant to compromise their computer system. 

This tactic is certainly not a new one and has been used by many other spammers.  However, the effectiveness of the recent Srizbi botnet has propelled it to the top of list of the world’s largest, overtaking another famous botnet called Storm.

The Srizbi botnet is also known as “Cbeplay” and “Exchanger” and it contains a network of 315,000 bots that can product an astounding 60 billion email messages every day!  Ironically, the Storm botnet obtained more publicity, although it contains only 85,000 hijacked systems with only 35,000 of them designed to distribute spam.