Although the first instance of a piece of malware being delivered by spam is unknown, the 1999 Melissa mass-mailing virus is recognized to be the first malware widely distributed by email. Melissa would scan email contact lists and proceed to send a copy of itself to the first 50 contacts within the list. While Melissa did not destroy files or other resources, the virus had the potential to disable corporate and other mail servers by consuming resources while seeking out additional contacts and mailing copies of the virus to others.
Copy-cat viruses using email as the method of dissemination quickly emerged soon after. With each virus at the time competing for infection rates and CNN headlines, email quickly proved to be a viable method to deliver malicious attachments to unsuspecting users. The ILOVEYOU mass-mailing worm that came out in 2000 infected tens of millions of computers worldwide and caused billions of dollars in damage.
From that point forward, email has been a primary vector for the delivery of malware and unfortunately there are few signs that the trend is slowing. Email has proven to be a highly valuable and highly successful vector for the installation of malware to unsuspecting users.
Methods of attacks for MalSpam can run the gamut. Everything from blanket MalSpam campaigns, covering millions of addresses purchased from email address providers, to highly sophisticated targeted campaigns, covering one or two people are extremely common.
Research from the firm Radicati indicates that roughly 205 billion emails are sent each day. And according to ITU, roughly 80% of all email messages are spam. While it’s hard to identify an exact number of emails delivering MalSpam, it’s clear that malware authors continue to see enough successful installations of their malicious programs to warrant the continuation of such endeavors.
Common infection method
MalSpam by definition is malware delivered via email, and as such, this will always be the infection vector for malware with this classification.
Never download or view attachments from unknown senders. Always treat attachments from known senders as possibly suspicious unless the information has been directly solicited. Never execute executable files. And even if the document advises otherwise, don’t enable Macros within Office products. If there is a doubt, contact the sender prior to opening the attachment to inquire further. Scan attachments with a reputable anti-malware product such as Malwarebytes Anti-Malware, or scan the file against a collection of products at www.virustotal.com.