Home  › Email › Email Marketing

The Deadly Duo: Spam and Viruses, June 2006

  |  July 21, 2006   |  Comments

Image spam continues to get noticed;

Russian president Vladimir Putin is alive and well, but hackers fabricated a story sent via e-mail in an attempt to distribute and infect recipients with a Trojan horse. This form of distribution of malicious code is what threat management solutions firm Sophos calls a "joe job" meaning "a spam campaign forged to appear as though it came from an innocent party, with the intention of incriminating or pinning blame onto them." In this case, the false e-mail appeared to come from BBC News.

In May, a vulnerability in Yahoo Mail allowed hackers to reach the Web mail users; in June a widespread phishing scam targeted Gmail users. Sophos identified the e-mail announcing a $500 prize, redeemable at what was purported to be a Gmail-related link. The link actually took users to a Tripod-hosted Web site. It cost victims $8.60 to begin a membership in order to collect the "winnings." Additionally, the e-mail offered to pay the reward through PayPal or other electronic accounts, potentially capturing yet more user data.

In a report detailing computer threats in the first six months of the year, the security firm made the recommendation home users to switch from Windows-based systems to Macs due to the dominance of Windows-based threats. In the first half of 2006, distribution of Trojans increased in proportion to viruses. The 2006 ratio is 4:1, compared to 2:1 for the same period last year.

A quicker uptake of threats was observed by McAfee, a firm that serves both home users, businesses, and the public sector. It took 18 years for the company to build a database and provide protection for 100,000 threats, a landmark it reached in September 2004. At the beginning of this month, it the company protects against hit 200,000. That's a 60 percent decrease in the time it took to double the number of threats in the database.

Research firm Evans Data reports a 20 percent drop in security breaches in the Europe/Middle East/Africa (EMEA) region. Twenty-two percent of all breaches are computer viruses including worm and buffer overflow attacks.

Cyber threats like viruses and phishing are advancing from traditional methods to more targeted attacks, according to MessageLabs. Spammers deploy e-mail, Web and IM platforms to strengthen the effectiveness of viruses, spam and spyware. The interconnectivity can make "a harmless looking e-mail quickly become a more serious Web threat," a report said.

Security firms continue to observe the trend of image spam. IronPort was among the first to release details on the trend, but it affects the anti-spam industry across the board.

E-mail isn't blocked from rendering in some e-mail clients because the image is imbedded in the message, according to Postini. If the e-mail contains only an image, spammers can't track open rates as they can with HTML-based e-mail.

"[Spammers] might sneak their message past the spam filters by using an image, and they might also imbed a Web bug, an image that's displayed in the message which they might be able to track," said Andrew Lochart, senior director of marketing at Postini.

Top Five Viruses, June 2006
Virus NameQuantity Blocked
Netsky4,459,484
Mytob3,638,833
Mime2,634,093
Bagle2,510,370
Mydoom1,421,450
Source: Postini, 2006

Competing firm Commtouch claims image spam causes "bandwidth bloat." Image spam accounts for 30 percent of spam globally on average in a given day. On days when the category reaches distribution peak, the global bandwidth and storage consumed by spam can reach 70 percent.

"Image-based spam pay quickly cause IT resource overload if not dealt with properly," said Dan Yachin, research director of EMEA Emerging Technologies at IDC, in a Commtouch statement. "While textual spam messages cause loss of productivity, image spam messages that are three times their size are a whole different ball game, causing a real bandwidth and storage crisis."

Another emerging trend followed by Kaspersky Lab is the re-emergence of polymorphic scripts (define). While the type of virus code began its life in 1990, virus writers moved away from the technique for a time. They now use the code to push viruses past security measures. In 2005 and 2006, polymorphic code has been implemented in script viruses or worms, which is a new use of the application. Previously, the code was used with browser vulnerabilities and Trojan-downloaders written in script languages. Its most prevalent use was in the LoveLetter worm.

Online Scanner Top 20, June 2006
PositionNamePercentage
1Trojan-Spy.Win32.Banker.anv 2.63
2Trojan.Win32.Agent.vg1.82
3Email-Worm.Win32.Rays1.68
4Trojan-PSW.Win32.Lineage.acb1.48
5not-a-virus:Monitor.Win32.Perflogger.az1.33
6Email-Worm.Win32.Brontok.q 1.10
7Trojan-Downloader.JS.Agent.ah1.07
8Trojan-PSW.Win32.Gamania.cl1.03
9Trojan.Win32.VB.ami0.99
10not-a-virus:PSWTool.Win32.RAS.a0.94
11Trojan-Downloader.Win32.Adload.bo0.91
12Trojan-Spy.Win32.Banbra.gi0.87
13Trojan.Win32.Agent.qt0.77
14Trojan-PSW.Win32.Lineage.oz0.74
15not-a-virus:Monitor.Win32.Perflogger.ad0.73
16Email-Worm.Win32.Bagle.fy0.73
17Packed.Win32.Tibs0.72
18not-a-virus:Monitor.Win32.Perflogger.al0.71
19Trojan-Downloader.Win32.Bagle.at0.67
20Email-Worm.Win32.Bagle.gen0.65
Other malicious programs78.43
Source: Kaspersky Lab, 2006

ClickZ Live San Francisco This Year's Premier Digital Marketing Event is #CZLSF
ClickZ Live San Francisco (Aug 11-14) brings together the industry's leading practitioners and marketing strategists to deliver 4 days of educational sessions and training workshops. From Data-Driven Marketing to Social, Mobile, Display, Search and Email, this year's comprehensive agenda will help you maximize your marketing efforts and ROI. Register today!

ABOUT THE AUTHOR

Enid Burns

COMMENTSCommenting policy

comments powered by Disqus

Get ClickZ Email newsletters delivered right to your inbox. Subscribe today!

COMMENTS

UPCOMING EVENTS

Featured White Papers

BigDoor: The Marketers Guide to Customer Loyalty

The Marketer's Guide to Customer Loyalty
Customer loyalty is imperative to success, but fostering and maintaining loyalty takes a lot of work. This guide is here to help marketers build, execute, and maintain a successful loyalty initiative.

Marin Software: The Multiplier Effect of Integrating Search & Social Advertising

The Multiplier Effect of Integrating Search & Social Advertising
Latest research reveals 68% higher revenue per conversion for marketers who integrate their search & social advertising. In addition to the research results, this whitepaper also outlines 5 strategies and 15 tactics you can use to better integrate your search and social campaigns.

WEBINARS

    Information currently unavailable

Jobs

    • Interactive Product Manager
      Interactive Product Manager (Western Governors University) - Salt Lake CityWestern Governors University, one of the 20 largest universities...
    • SEO Senior Analyst
      SEO Senior Analyst (University of Phoenix (Apollo Education Group)) - San FranciscoSEO Senior Analyst   Position Summary...
    • SEM & Biddable Media Manager
      SEM & Biddable Media Manager (Kepler Group LLC) - New YorkAs an Optimization & Innovation Manager at Kepler Group, you will be on the bleeding...