A Compelling Vision

MessageLabs Journal

Subscribe to MessageLabs Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get MessageLabs Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


MessageLabs Journal Authors: AppDynamics Blog, RealWire News Distribution, Mike Sweeney, Guy Bunker, Maureen O'Gara

Related Topics: MessageLabs Journal, Pharmaceutical News

MessageLabs Journal: Article

MessageLabs Intelligence August 2008: Google's Picasa Web Albums and Flash Content Debut as Spam Hosting Techniques

Botnet Expansion Credited With 160 Percent Increase in Spam Volumes

NEW YORK, NY and LONDON -- (Marketwire) -- 09/03/08 -- MessageLabs, the leading provider of messaging and web security services to businesses worldwide, today announced the results of its MessageLabs Intelligence Report for August 2008. Analysis highlights that Google Picasa Web Albums is the latest of Google's hosted services to be exploited by spammers while Adobe Flash redirection techniques are also being abused by spammers to host Flash-based .SWF, Shockwave Flash, files that cause Web browsers to re-direct to the spammer's site. Together, both of these new techniques accounted for less than 2 percent of spam in August, but MessageLabs expects these tactics will increasingly generate more spam in the coming months.

"Over the course of this year, spammers have been highly focused on using as many of Google's free, hosted services as possible to distribute spam," said Mark Sunner, Chief Security Analyst, MessageLabs. "Not only are the links contained within the spam emails difficult for traditional anti-spam filters to detect as they appear to be legitimate URLs, but it is also much more unlikely such filters will block emails based on the URLs they contain without causing significant collateral damage."

Also in August, spam volumes rose by 160 percent resulting in an overall three percent increase in spam levels. The sharp rise in spam can be attributed to the aggressiveness of the Srizbi and Cutwail botnets, which both grew by between 20 and 25 percent in July and August. The profile of the increased spam activity was similar to spam runs seen in July with most spam arriving as short, text-based messages. However, the increased capacity of the botnets resulted in higher volumes of this spam. In addition, 64 percent of emails containing malicious links spoofed virtual greeting cards or fake online postcards, an increase of 51.8 percent since July.

"The new rogue anti-spyware program, Antivirus XP 2008, threatened businesses again this month both as the downloadable that arrives in an email with a Flash component advertising a free Microsoft upgrade and again as a dropper component in the emails spoofing virtual greeting cards and fake online postcards," Sunner said. "When the link containing the executable is activated, it proceeds to install Antivirus XP 2008 on the victim machine. This contributed to the 12.2 percent increase in the proportion of email-borne malware contained in links to malicious sites, which represents 15.2 percent of all malware intercepted in August."

Other report highlights:

Web security: Analysis of Web security activity shows that 23.9 percent of all web-based malware intercepted was new in August. MessageLabs also identified an average of 2,980 new websites per day harboring malware and other potentially unwanted programs such as spyware and adware, a decrease of 24.9 percent since July.

Spam: In August 2008, the global ratio of spam in email traffic from new and previously unknown bad sources was 78.2 percent (1 in 1.28 emails), an increase of 3.12 percent on the previous month.

Viruses: The global ratio of email-borne viruses in email traffic from new and previously unknown bad sources was 1 in 87.6 emails (1.14 percent), an increase of 3.12 percent since July. In August, 15.2 percent of email-borne malware contained links to malicious sites, an increase of 12.2 percent since July.

Phishing: In August, phishing activity fell by .36 percent compared with the previous month. One in 522.7 (0.19 percent) emails comprised some form of phishing attack. When judged as a proportion of all email-borne threats such as viruses and Trojans, the number of phishing emails has increased by 65.3 percent to 16.8 percent of all email-borne malware threats intercepted in August.

Geographical Trends:

 

--  In August, France became the most spammed country with levels reaching
    82.8 percent of all email, an increase of 3.5 percent. The largest increase
    in spam levels this month was observed in Italy where spam levels rose by
    13.9 percent to 71.3 percent.
--  Spam levels in the UK reached 67.9 percent in August and 70.8 percent
    in Canada and 76.6 percent in the US. Germany's spam rate reached 69.5
    percent and 73.1 percent in the Netherlands. Spam levels in Australia were
    66.5 percent, 78.3 percent in China and 64.2 percent in Japan.
--  The largest increase of 2.75 percent in virus activity was observed in
    Italy where virus levels of 1 in 35.3 put the country in second place for
    August.
--  Virus levels for the US were 1 in 112.9 and 1 in 67.4 for the UK and 1
    in 81.6 for Germany. In Australia, virus levels were 1 in 146.1 and 1 in
    133.2 for Japan.
    

 

Vertical Trends:

 

--  Spam in the Automotive sector rose the highest in August, by 6.3
    percent to 83.6 percent.
--  The largest decrease was noted in the Engineering sector where levels
    fell by 7 percent to 68.5 percent.
--  Chemical and Pharmaceutical sector spam levels reached 70.5 percent,
    72.3 percent for Retail, 69.9 percent for Public Sector and 66.5 percent
    for Finance.
--  Virus levels increased across most industry sectors during August.
    Education had the highest increase of 1.52 percent to 1 in 28.9 emails
    containing malware. There was no decrease in virus levels for any sector
    during August.
--  Virus levels for the IT Services sector were 1 in 96, 1 in 866 for
    Retail and 1 in 131.9 for Finance.
    

 

The August 2008 MessageLabs Intelligence Report provides greater detail on all of the trends and figures noted above, as well as more detailed geographical and vertical trends. The full report is available at http://www.messagelabs.com/intelligence.aspx.

MessageLabs Intelligence is a respected source of data and analysis for messaging security issues, trends and statistics. MessageLabs provides a range of information on global security threats based on live data feeds from our control towers around the world scanning billions of messages each week.

About MessageLabs

MessageLabs is a leading provider of integrated messaging and web security services, with over 18,000 clients ranging from small business to the Fortune 500 located in more than 86 countries. MessageLabs provides a range of managed security services to protect, control, encrypt and archive communications across Email, Web and Instant Messaging.

These services are delivered by MessageLabs globally distributed infrastructure and supported 24/7 by security experts. This provides a convenient and cost-effective solution for managing and reducing risk and providing certainty in the exchange of business information. For more information, please visit www.messagelabs.com

Media Contacts:

US:
Marissa Vicario
MessageLabs
+1 646 519 8116
Email Contact

Hill and Knowlton for MessageLabs
+1 212 885 0552
Email Contact

EMEA:
Paul Wood
MessageLabs
+44 (0) 1452 627705
Email Contact

Weber Shandwick for MessageLabs
+44 (0) 20 7067 0500
Email Contact

APAC:
Andrew Antal
MessageLabs
+61 2 8208 7171
Email Contact

Spectrum Communications for MessageLabs
+61 2 9954 3299
Email Contact

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.