Spam is currently at the lowest level it has been since the takedown of McColo, a California-based ISP which hosted command and control channels for a number of major botnets, in November 2008, according to Symantec intelligence report.
The global circulation of spam each day continues to fluctuate since the largest spam-sending botnet Rustock’s takedown in March 2011, the intelligence report said.
Returning to the same level as in April 2011, spam accounted for 72.9% of email in June, of which 76.6% was sent by botnets, compared with 83.1% in March.
Symantec.cloud senior intelligence analyst Paul Wood said cybercriminals continue to use botnets to conduct distributed denial of service attacks (DDoS), and carry out fraudulent click-thrus on unsuspecting websites for financial gain.
"They [cybercriminals] also use botnets to host illegal Web site content on infected computers, harvest personal data from infected users and install spyware to track victims’ activities online," Wood added.
"Following the disruption of Rustock in March, approximately 36.9 billion spam emails were in circulation each day during April. This number rose to 41.7 billion in May, before falling back to 39.2 billion in June," he said.
"During the same period last year, spam accounted for 121.5 billion emails in global circulation each day, equivalent to 89.3% of email traffic in June 2010.
"Over a 12 month period, a drop of 68.7% in volume resulted in a fall of only 16.4 percentage points in the overall global spam rate."
In the latest analysis, spam relating to pharmaceutical products accounted for 40 percent of all spam in June 2011, declining from 64.2 percent at the end of 2010. Spam subject line analysis shows that adult spam continues to flourish.
Spam messages promoting pharmaceutical products have been the most commonly seen spam attacks in June, according to the Symantec report.
This month’s report highlights the changing nature of the spam-sending botnet landscape and online pharmacy spam using two different angles: a spoof of an online video sharing service and a new online pharmacy brand.
A new spam tactic was identified last month by Symantec. The tactic introduced the "Wiki" name prefix for the promotion of fake pharmaceutical products relating to a new pharmacy brand, WikiPharmacy.
In June 2011, the global ratio of spam in email traffic decreased by 2.9 percent since May 2011 to 72.9%, while phishing activity decreased by 0.06% during the same period.
The global ratio of email-borne viruses in email traffic was decreased by 0.117 percentage points since May 2011, the report said.
It identified an average of 5,415 Web sites each day harboring malware and other potentially unwanted programs including spyware and adware; an increase of 70.8% since May 2011.
The most frequently blocked malware for the last month was W32.Ramnit!html, which is a HTML worm that spreads through removable drives and by infecting executable files by encrypting and then appending itself to files with .DLL, .EXE and .HTM extensions.
Saudi Arabia became the most spammed country, with a spam rate of 82.2%, overtaking Russia, which moved into second position in June 2011.
In the US, 73.7% of email was spam and 72% in Canada, while the spam level in the UK was 72.6%. Spam accounted for 73% of email traffic in the Netherlands, 71.8% in Germany, 71.9% in Denmark and 70.4% in Australia.
In Hong Kong, 72.2 percent of email was blocked as spam and 71.2 percent in Singapore, compared with 69.2 percent in Japan. Spam accounted for 72.3 percent of email traffic in South Africa and 73.4 percent in Brazil.
For phishing, South Africa remained the most targeted geography in June, with 1 in 111.7 emails identified as phishing attacks; phishing accounted for 1 in 130.2 emails in the UK; and phishing levels for the US were 1 in 1,270 and 1 in 207.7 for Canada.
The UK remained the geography with the highest ratio of malicious emails in June, as one in 131.9 emails was blocked as malicious in the month, while virus levels for email-borne malware were 1 in 805.2 for the US and 1 in 297.7 for Canada.
The Public Sector remained the most targeted by phishing activity in June, with 1 in 83.7 emails comprising a phishing attack, and it also topped in malicious mail category with 1 in 73.1 emails being blocked as malicious.
The phishing levels for the Chemical & Pharmaceutical sector were 1 in 897.3 and 1 in 798.3 for the IT Services sector; 1 in 663.2 for Retail, 1 in 151.4 for Education and 1 in 160.8 for Finance.