Malware in Spam Email: Risks and Trends in the Australian Spam Intelligence Database

Roderic Broadhurst R, & H Trivedi (forthcoming) Malware in spam email: Risks and trends in the Australian Spam Intelligence Database, Trends and Issues in Criminal Justice, Australian Institute of Criminology

15 Pages. Posted: 3 Jul 2019. Last revised: 7 Jul 2020.

Roderic Broadhurst

Australian National University (ANU); ANU Cybercrime Observatory; School of Regulation & Global Governance (RegNet)

Harshit Trivedi

ANU Cybercrime Observatory; Australian National University

Date Written: July 6, 2020

Abstract

A 10 percent sample of a 2016 dataset of 25.76 million spam emails provided by the Australian Communications and Media Authority (ACMA) Spam Intelligence Database (SID) was scanned for malware using the VirusTotal Malware database. Nearly one in 10 (9.9% or 255,222) emails were identified as malware-compromised and, similarly, 9.9 percent were identified as inactive. Of the compromised URL sites, nearly one-third (31.8% or 81,176) could be further classified as phishing (58.4%) or trojan-compromised URLs (40.6%) or dedicated malicious websites (1%). All 115,025 unique file attachments found in the entire sample (0.5% of all spam) were also scanned and 31.4 percent (36,405) were compromised with various forms of malware. The majority of compromised attachments were found in images (55.6%), followed by PDFs (15.0%) and binary files (10.0%). Various trojans and ransomware were the most common malware, and these and others identified in the sample are described.

Keywords: cybercrime, malware, spam

Suggested Citation

Broadhurst, Roderic and Trivedi, Harshit, Malware in Spam Email: Risks and Trends in the Australian Spam Intelligence Database (July 6, 2020). Roderic Broadhurst R, & H Trivedi (forthcoming) Malware in spam email: Risks and trends in the Australian Spam Intelligence Database, Trends and Issues in Criminal Justice, Australian Institute of Criminology, Available at SSRN: https://ssrn.com/abstract=3413442 or http://dx.doi.org/10.2139/ssrn.3413442

Roderic Broadhurst (Contact Author)

Australian National University (ANU)

Canberra, Australian Capital Territory 2601
Australia

ANU Cybercrime Observatory

Canberra, Australian Capital Territory 0200
Australia

School of Regulation & Global Governance (RegNet)

Canberra, Australian Capital Territory 0200
Australia

Harshit Trivedi

ANU Cybercrime Observatory
Coombs Ext, Building 8
Canberra, 2601
Australia

Australian National University

Canberra, Australian Capital Territory 2601
Australia

HOME PAGE: http://www.anu.edu.au/