MessageLabs, a leading provider of
integrated messaging and web security services to businesses worldwide,
today announced the findings of its MessageLabs Intelligence Report for
April 2007. In this report, MessageLabs exposes a new level in the
convergence between spam and viruses through intercepted cyber-criminal
activity, whilst highlighting the increase in spam levels and the emergence
of new techniques which have led to decreased rates in traditional virus
and phishing threats.
In what could be one of the most defining moments within the threat
landscape, MessageLabs has intercepted emails that are both spam and
contain a virus. While the cyber-criminals have long used email viruses to
create botnets to send spam, this is the first time MessageLabs has seen
viruses hidden within stock scam spam. Since April 14, MessageLabs has
stopped thousands of these emails as part the latest phase in Storm Worm
activity.
Late this month, the latest strains of Zhelatin, also known as Storm Worm,
were being spammed out in stock pump-and-dump emails which also contained
links to new malware being hosted on websites under the control of the
attackers. Purporting to be a screensaver, the malware then drops the
Zhelatin MeSpam engine onto the compromised computer. Until now, new
versions of Zhelatin have been distributed via botnets to create larger
botnets for the purposes of spamming.
“Why use two emails when just one will do? Now we are seeing the bad guys
layer on the threats — as if it’s not enough to just scam someone and fill
their inbox with junk email, why not also infect and take control of their
computer at the same time? These latest techniques are part of a new
boldness being shown by certain criminal gangs we are tracking,” said Mark
Sunner, Chief Security Analyst, MessageLabs. “These latest developments
also serve to highlight that spam cannot be perceived as just a nuisance
and it should be kept away from the desktop. Protection at the Internet
level avoids any errors by end-users which could have detrimental impact on
a business.”
Earlier this month MessageLabs announced the new data on the levels,
victims and sources of targeted email attacks in March 2007. Last month
MessageLabs intercepted 716 emails in 249 separate targeted attacks aimed
at 216 different organizations. Of these, almost 200 were one-on-one
targeted attacks where the tailored attack comprised a single email
designed to infiltrate one organization. These numbers represent a
significant increase when compared to the same period last year when attack
rates reached one or two per day.
Other report highlights:
Spam: In April, the global ratio of spam in email traffic from new and
unknown bad sources was 76.1 percent (1 in 13.1), an increase of 0.9
percent on the previous month. However, the figure is in real terms
considerably higher, but MessageLabs is now able to filter out large
volumes of known spam from sources such as known botnets. Without
MessageLabs at the Internet level to filter out known spam, and make it
more difficult for spammers to reach its clients, 83.6 percent of email
traffic would have been identified as spam.
Viruses: In April, the global ratio of viruses in email traffic from new
and previously unknown bad sources destined for valid recipients was 1 in
145.5 (0.69 percent), a decrease of 0.003 percent since March. MessageLabs
has found that large scale virus outbreaks have almost become a thing of
the past, as attacks are becoming increasingly more targeted and with
specific business motives.
Phishing: April shows a decrease of 0.08 percent in the proportion of
phishing attacks compared with the previous month, with one in 416.1 emails
containing a phishing attack. However, notably the number of attacks has
fallen by 12 percent, to levels last seen in August 2006, and is now
accounting for 35 percent of all malicious emails intercepted. MessageLabs
expects phishing to continue to decrease in the coming months, due to the
increased numbers of stringent measures being put into place by corporate
organizations.
Geographical Trends:
-- Spam attacks continued to target Israel, with 73.3 percent this month;
however virus attacks are negligible
-- In Germany, spam attacks increased significantly by 10.3 percent,
taking second position in the global rankings, whilst virus rates dropped
by 0.6 percent (1 in 61.5)
-- India continues to lead the virus chart, with an increase of 2.2
percent (1 in 31.7), which is likely to be a result of the country's lack
of Anti-Virus protection and diverse IT infrastructure
-- In contrast, Sweden takes the accolade for the least targeted country
by viral writers, with a decrease of 0.76 percent (1 in 653.6)
Vertical Trends:
-- Once again, Education was the main industry targeted in April, with 1
in 60.4 emails heading for this vertical sector harboring a virus or some
form of malware. This represents a 0.5 percent increase on the previous
month, the largest shift for any vertical
-- The Telecommunications sector continues to be the least targeted
vertical in April, and virus levels fell by 0.02 percent this month
-- An increase in spam activity was noted for the Wholesale sector with a
rise of 0.9 percent; however, the greatest increase occurred in the
Business Support Services sector where levels rose by 16.3 percent
-- Spam levels across Government and Public Sector bodies fell by 3.3
percent this month, and a fall of 1.8 percent was noted across the Finance
sector also, making the vertical the least targeted sector for spam in
April
Information provided by: Findarticles.com
