Spam now accounts for 90.4 percent of all e-mail, according to a report released Monday from security vendor Symantec. This means that 1 out of every 1.1 e-mails is junk. The report also notes that spam shot up 5.1 percent just from April to May.Symantec’s May 2009 MessageLabs Intelligence report reveals other disturbing trends, as well. Rather than just hijack disreputable Web sites, cybercriminals now favor older and well-established domains to host their malware. The report says 84.6 percent of all domains blocked for malicious content are more than a year old. One type of domain now especially vulnerable to threats is social networking, since most of the sites’ content is created by users.
http://news.cnet.com/8301-1009_3-10249172-83.htmlAlso see:
90 Percent of E-mail Is Spam, Symantec Says [IDG]
Spammers seem to be working a little bit harder these days, according to Symantec, which reported Tuesday that unsolicited e-mail made up 90.4 percent of messages on corporate networks last month.That represents a 5.1 percent increase over last month’s numbers, but it’s nothing out of the ordinary. For years, spam has made up somewhere between 80 percent and 95 percent of all e-mail on the Internet.
http://www.pcworld.com/article/165533/.html
http://computerworld.com.au/article/304593/
http://www.networkworld.com/news/2009/052609-90-percent-of-e-mail-is.html
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9133526Report says spam rises in May
Spam is increasing as spammers become more intelligent, according to a report by Symantec.In its May 2009 Messagelabs Intelligence Report the security company said the number of spam emails sent out in the month had increased by five per cent.It said much of the new spam comprised messages with little content other than a subject line and a hyperlink to an active valid profile on one of a number of social networking sites.
http://www.vnunet.com/vnunet/news/2242924/spam-tops-90-per-cent
http://www.computeractive.co.uk/computeractive/news/2242938/spam-rises-security-compnayIs Facebook the New Spam Heaven?
Almost every few hours for a week I’ve been getting messages from my Facebook acquaintances with links to some phishing sites. These are not even very sophisticated messages — instead, they’re random links to utterly evil sites such as atreps.at, greenbuddy.be and nudz.ru. There have been reports of these phishers using TinyURL Web address shorteners. Some have subject lines such as “Look at This” or “Hello.” According to Inside Facebook, these attacks impact less than 1 percent of Facebook users.
http://www.salon.com/tech/giga_om/tech_insider/2009/05/25/is_facebook_the_new_spam_heaven/index.html
Symantec Announces May 2009 MessageLabs Intelligence Report
Abuse of Free Hosted Domains Contributes to Continued Spam Influx; MessageLabs Intelligence Sets Its Watchby Spam ActivitySymantec Corp. today (26/5/09) announced the publication of its May 2009 MessageLabs Intelligence Report. The analysis highlights that spam experienced a further increase of 5.1 percent since last month, reaching heights of 90.4 percent. Also in May, MessageLabs Intelligence revealed that geographic location determines the time of day when spam is received, the data also highlights where spammers are most heavily concentrated.The majority of this increase in spam in May was comprised of messages with very little content other than a subject line and valid hyperlink. Each hyperlink pointed to a different active profile on one of a number of major social networking environments. The profiles were likely created using random names and automated CAPTCHA-breaking tools. Moreover, the emails were sent from valid webmail hosting providers, which means they were not spoofed, as has been the case in the past for these types of domains.”As spam levels continue to increase, we are seeing existing attack techniques combine and morph into one” said Paul Wood, MessageLabs Intelligence Senior Analyst, Symantec. “In 2008 CAPTCHA-breaking, social networking spam and the use of webmail for spamming all became popular tactics. Today, the bad guys are using the three together as a triple threat to heighten the effectiveness of their spamming.”Also this month, MessageLabs Intelligence revealed that geographic location determines when people receive spam. According to research conducted over a seven day period, analysis highlights that US residents see spam peak between 9 and 10 a.m. local time and a drop overnight while Europeans are more likely to receive a steady stream of spam throughout the workday. Those in the Asia-Pacific region start their day with an inbox full of spam and see less trickling in throughout the day.”These patterns suggest that spammers are more active during the US working day,” Wood said. “This could be because most active spammers are based in the US, according to data from Spamhaus, or because this is when the spammers’ largest target audience is online and likely to respond.”Image spam continued into May with Russian language “ransom-style” spam, reminiscent of traditional ransom messages constructed from letters cut out of newspapers. The content appears to read like a ransom message and is constructed from Russian characters taken from different font styles, however the subject line itself is unrelated translating into, “how to attract customers.” The use of the Russian language character set has become more popular in recent spam runs where the Russian character set is used to hide the English language content, a spamming technique deployed to avoid content folders.Finally, in May MessageLabs Intelligence debunked a common misconception that cybercriminals are more likely to use less reputable web sites, like those containing adult content, to hide malware. However, the majority, 84.6 percent, of web site domains blocked in May for hosting malicious content were well-established domains more than a year old. Moreover, the number of new websites harboring malware identified daily declined from 3,561 in April to 1,149 in May supporting the trend that cybercriminals favor the more established domains.”Spammers using better-known and thus more widely trusted web sites to host malware is reminiscent of the spammers who rely on well-known webmail and social networking environments to host spam content,” Wood said. “The trustworthy older domains can be compromised through SQL injection attacks while newer sites are more likely to be flagged as suspicious – a temporary site set up with the sole purpose of distributing spam and malware – and thus faster to get shutdown.”
Other report highlights:
Web security: Analysis of web security activity shows that 34.2 percent of all web-based malware intercepted was new in May. MessageLabs Intelligence also identified an average of 1,149 new websites per day harboring malware and other potentially unwanted programs such as spyware and adware, a decrease of 67.7 percent since April.Spam: In May 2009, the global ratio of spam in email traffic from new and previously unknown bad sources was 90.4 percent (1 in 1.11 emails), an increase of 5.1 percent since April.Viruses: The global ratio of email-borne viruses in email traffic from new and previously unknown bad sources was one in 317.8 emails (0.31 percent), a decrease of 0.01 percent since April. In May, 7.0 percent of email-borne malware contained links to malicious sites, a decrease of 6.3 percent since April.Phishing:One in 279.7 emails (0.36 percent) comprised some form of phishing attack, an increase of 0.11 percent in the proportion of phishing attacks compared with April. When judged as a proportion of all email-borne threats such as viruses and Trojans, the number of phishing emails had remained unchanged at 89.7 percent of all email-borne malware and phishing threats intercepted in May.
Geographical Trends:
- Spam levels in Hong Kong rose by 2.4 percent in May to 92.3 percent, positioning it as the most spammed country.
- Spam levels in the UK fell to 90.3 percent and spam levels in the US rose to 86.6 percent and 85.2 percent in Canada. Germany’s spam rate reached 84.8 percent and 82.4 percent in the Netherlands. Spam levels in Australia were 89.7 percent, 91.1 percent in China and 88.5 percent in Japan.
- Virus activity in Brazil rose by 0.05 percent to 1 in 163.7 emails, placing it in the top position for viruses in May.
- Virus levels in the UK rose to 1 in 199.8, 1 in 473.4 in the US and 1 in 262.1 in Canada. Germany’s virus rate reached 1 in 228.9 and the virus rate in the Netherlands reached 1 in 766.0. Virus levels in Australia were 1 in 602.8, 1 in 198.3 in China and 1 in 1,852 in Japan.
Vertical Trends:
- In May, the most spammed industry sector with a spam rate of 89.2 percent was the Automotive sector.
- Spam levels reached 88.1 percent for the Healthcare sector, and 87.9 percent for the Agricultural sector; 87.5 percent for Manufacturing and 87.4 percent for Retail.
- Virus activity in the Education sector rose by 0.04 percent and remains positioned as the most targeted vertical with 1 in 112.5 emails being infected.
- Virus levels for the IT Services sector were 1 in 249.1, 1 in 433.5 for Retail, 1 in 211.0 for the Public Sector and 1 in 466.9 for Finance.
The May 2009 MessageLabs Intelligence Report provides greater detail on all of the trends and figures noted above, as well as more detailed geographical and vertical trends. The full report is available at www.messagelabs.com/Threat_Watch/Intelligence_Reports.Symantec’s MessageLabs Intelligence is a respected source of data and analysis for messaging security issues, trends and statistics. MessageLabs Intelligence provides a range of information on global security threats based on live data feeds from our control towers around the world scanning billions of messages each week.About Symantec
Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available www.symantec.com.This Symantec MessageLabs Intelligence Report news release was sourced from:
www.messagelabs.co.uk/resources/press/30602
Leave a Reply