Spam analysis shows that it pays to be polite

MessageLabs has shone some light on spammers' social engineering methods

A study of the words used in different types of junk email has revealed some of the tactics used by spammers.

MessageLabs Intelligence studied shortened URL spam, and split the data into four types: sales, phishing, malware and targeted attacks. In each case the security firm classified the words used in the headers into a top 10 format.

The most common word in sales spam is 'Viagra', reflecting the popularity of pharmaceutical spam, which makes up around three quarters of all sales spam. 'Prices' is the second most common word, followed by 'special' and 'discount'.

The top word for phishing and malware spam is 'account', highlighting the financial targets commonly sought by the spammers. 'PayPal' is popular with phishers, while malware writers favour 'attached' or 'attachment'.

However, 'please' was the top word for targeted attacks, and it was also in the top five for phishing and malware spam.

Paul Wood, senior analyst at MessageLabs Intelligence, told V3.co.uk that politeness is a key factor in successful spam.

"When we look at malware the social engineering component is the most important. It's no use writing a sophisticated piece of malware if the social engineering isn't right," he said.

Targeted spam attacks account for only around 0.02 per cent of all spam, but they are the most dangerous since it can take weeks or months for a sample to turn up and a signature file to be developed by anti-virus vendors.

"Even if you have up-to-date anti-virus, no matter how good it is, such malware can be very difficult to find," said Wood.

"The most common method is for the software to be embedded in a document, so use maximum caution."

The research found that spam recipients answer an average of one in every 74,000 of the 120 billion spam messages sent every day.