Malware in spam email: Risks and trends in the Australian Spam Intelligence Database

Roderic Broadhurst, Harry Trivedi

    Research output: Contribution to journalArticle


    A 10 percent sample of a 2016 dataset of 25.76 million spam emails provided by the Australian Communications and Media Authority's Spam Intelligence Database was scanned for malware using the VirusTotal Malware database. Nearly one in 10 (9.9% or 255,222) emails were identified as malware compromised and, similarly, 9.9 percent were identified as inactive. Of the compromised URL sites, nearly one-third (31.8% or 81,176) could be further classified as phishing (58.4%) or trojan-compromised URLs (40.6%) or dedicated malicious websites (1%). All 115,025 unique file attachments found in the entire sample (0.5% of all spam) were also scanned and 31.4 percent (36,405) were compromised with various forms of malware. The majority of compromised attachments were found in images (55.6%), followed by PDFs (15.0%) and binary files (10.0%). Various trojans and ransomware were the most common malware, and these and others identified in the sample are described.
    Original languageEnglish
    Pages (from-to)1-18
    JournalTrends and Issues in Crime and Criminal Justice
    Issue number603
    Publication statusPublished - 2020


    Dive into the research topics of 'Malware in spam email: Risks and trends in the Australian Spam Intelligence Database'. Together they form a unique fingerprint.

    Cite this