Malware writers are starting to target regions with growing numbers of new Internet users in a belief that computer users in those areas are less likely to protect themselves from spam and viruses, MessageLabs Ltd. said.
India makes a perfect example. More than 90 percent of e-mail sent to people in India in February was spam, MessageLabs said in its monthly report on worldwide spam and malware released late Wednesday. In MessageLabs' 2005 year-end report, India didn't even rank in the top 15 countries for spam.
The dramatic recent increase is due to a perceived awareness among spammers and other malware writers that Indians may be less likely than PC users in Western Europe or North America to use antivirus software, said Maksym Schipka, senior antivirus researcher with MessageLabs. He said he's seeing a new trend among malware writers to target regions with less developed Internet infrastructure.
He believes that malware writers noticed India as a potential target after the spread of the Nyxem virus. The virus infected computers and was set to erase content on Feb. 3. But because the infection was spread prior to that date, many antivirus companies were able to prepare and protect customers from getting the virus.
However, some antivirus firms published details of regions where the most PCs were found to be infected and India was top of the list. Schipka believes that Malware writers concluded that meant Indian PC users were least likely to subscribe to or apply the protection that could have prevented the infection and thus were good targets. "If Nyxem could spread there, it means that any mass e-mail or zombie could spread well there too," Schipka said.
India isn't the first country to be targeted for this reason, he said. "Brazil wasn't on any radars whatsoever and suddenly we were getting postcards and phishing attacks for Brazil and that was really one indication that the bad guys realized, oh, maybe [Brazilians] pay slightly less attention and less money into security infrastructure," he said. Postcards are electronic cards that link to a Web site that automatically downloads a virus on the users' computer.
Since early this year, however, attacks on Brazil seem to be declining and that may be because companies and users in Brazil are now starting to do more to protect themselves from malware, he said.
The keys to ensuring that regions with developing Internet usage can protect against such targeting are low-cost products and education, he said. "Countries like the U.K., wealthy countries, could spend slightly more than countries like India on security software so pricing should reflect that," he said.
However, there are some free software products that could provide some good protection and it appears that PC users in India and other regions aren't even using those offerings. As a result, educating Internet users about the dangers of viruses and malware is key too, he said.