Home  › Email › Email Marketing

The Deadly Duo: Spam and Viruses, June 2006

  |  July 21, 2006   |  Comments

Image spam continues to get noticed;

Russian president Vladimir Putin is alive and well, but hackers fabricated a story sent via e-mail in an attempt to distribute and infect recipients with a Trojan horse. This form of distribution of malicious code is what threat management solutions firm Sophos calls a "joe job" meaning "a spam campaign forged to appear as though it came from an innocent party, with the intention of incriminating or pinning blame onto them." In this case, the false e-mail appeared to come from BBC News.

In May, a vulnerability in Yahoo Mail allowed hackers to reach the Web mail users; in June a widespread phishing scam targeted Gmail users. Sophos identified the e-mail announcing a $500 prize, redeemable at what was purported to be a Gmail-related link. The link actually took users to a Tripod-hosted Web site. It cost victims $8.60 to begin a membership in order to collect the "winnings." Additionally, the e-mail offered to pay the reward through PayPal or other electronic accounts, potentially capturing yet more user data.

In a report detailing computer threats in the first six months of the year, the security firm made the recommendation home users to switch from Windows-based systems to Macs due to the dominance of Windows-based threats. In the first half of 2006, distribution of Trojans increased in proportion to viruses. The 2006 ratio is 4:1, compared to 2:1 for the same period last year.

A quicker uptake of threats was observed by McAfee, a firm that serves both home users, businesses, and the public sector. It took 18 years for the company to build a database and provide protection for 100,000 threats, a landmark it reached in September 2004. At the beginning of this month, it the company protects against hit 200,000. That's a 60 percent decrease in the time it took to double the number of threats in the database.

Research firm Evans Data reports a 20 percent drop in security breaches in the Europe/Middle East/Africa (EMEA) region. Twenty-two percent of all breaches are computer viruses including worm and buffer overflow attacks.

Cyber threats like viruses and phishing are advancing from traditional methods to more targeted attacks, according to MessageLabs. Spammers deploy e-mail, Web and IM platforms to strengthen the effectiveness of viruses, spam and spyware. The interconnectivity can make "a harmless looking e-mail quickly become a more serious Web threat," a report said.

Security firms continue to observe the trend of image spam. IronPort was among the first to release details on the trend, but it affects the anti-spam industry across the board.

E-mail isn't blocked from rendering in some e-mail clients because the image is imbedded in the message, according to Postini. If the e-mail contains only an image, spammers can't track open rates as they can with HTML-based e-mail.

"[Spammers] might sneak their message past the spam filters by using an image, and they might also imbed a Web bug, an image that's displayed in the message which they might be able to track," said Andrew Lochart, senior director of marketing at Postini.

Top Five Viruses, June 2006
Virus NameQuantity Blocked
Netsky4,459,484
Mytob3,638,833
Mime2,634,093
Bagle2,510,370
Mydoom1,421,450
Source: Postini, 2006

Competing firm Commtouch claims image spam causes "bandwidth bloat." Image spam accounts for 30 percent of spam globally on average in a given day. On days when the category reaches distribution peak, the global bandwidth and storage consumed by spam can reach 70 percent.

"Image-based spam pay quickly cause IT resource overload if not dealt with properly," said Dan Yachin, research director of EMEA Emerging Technologies at IDC, in a Commtouch statement. "While textual spam messages cause loss of productivity, image spam messages that are three times their size are a whole different ball game, causing a real bandwidth and storage crisis."

Another emerging trend followed by Kaspersky Lab is the re-emergence of polymorphic scripts (define). While the type of virus code began its life in 1990, virus writers moved away from the technique for a time. They now use the code to push viruses past security measures. In 2005 and 2006, polymorphic code has been implemented in script viruses or worms, which is a new use of the application. Previously, the code was used with browser vulnerabilities and Trojan-downloaders written in script languages. Its most prevalent use was in the LoveLetter worm.

Online Scanner Top 20, June 2006
PositionNamePercentage
1Trojan-Spy.Win32.Banker.anv 2.63
2Trojan.Win32.Agent.vg1.82
3Email-Worm.Win32.Rays1.68
4Trojan-PSW.Win32.Lineage.acb1.48
5not-a-virus:Monitor.Win32.Perflogger.az1.33
6Email-Worm.Win32.Brontok.q 1.10
7Trojan-Downloader.JS.Agent.ah1.07
8Trojan-PSW.Win32.Gamania.cl1.03
9Trojan.Win32.VB.ami0.99
10not-a-virus:PSWTool.Win32.RAS.a0.94
11Trojan-Downloader.Win32.Adload.bo0.91
12Trojan-Spy.Win32.Banbra.gi0.87
13Trojan.Win32.Agent.qt0.77
14Trojan-PSW.Win32.Lineage.oz0.74
15not-a-virus:Monitor.Win32.Perflogger.ad0.73
16Email-Worm.Win32.Bagle.fy0.73
17Packed.Win32.Tibs0.72
18not-a-virus:Monitor.Win32.Perflogger.al0.71
19Trojan-Downloader.Win32.Bagle.at0.67
20Email-Worm.Win32.Bagle.gen0.65
Other malicious programs78.43
Source: Kaspersky Lab, 2006

ClickZ Live New York What's New for 2015?
You spoke, we listened! ClickZ Live New York (Mar 30-Apr 1) is back with a brand new streamlined agenda. Don't miss the latest digital marketing tips, tricks and tools that will make you re-think your strategy and revolutionize your marketing campaigns. Super Saver Rates are available now. Register today!

ABOUT THE AUTHOR

Enid Burns

COMMENTSCommenting policy

comments powered by Disqus

Get ClickZ Email newsletters delivered right to your inbox. Subscribe today!

COMMENTS

UPCOMING EVENTS

UPCOMING TRAINING

Featured White Papers

Google My Business Listings Demystified

Google My Business Listings Demystified
To help brands control how they appear online, Google has developed a new offering: Google My Business Locations. This whitepaper helps marketers understand how to use this powerful new tool.

5 Ways to Personalize Beyond the Subject Line

5 Ways to Personalize Beyond the Subject Line
82 percent of shoppers say they would buy more items from a brand if the emails they sent were more personalized. This white paper offer five tactics that will personalize your email beyond the subject line and drive real business growth.

WEBINARS

Resources

Jobs

    • Customer Service Consultant
      Customer Service Consultant (Bonner and Partners) - Delray BeachBonner & Partners: Full-time Customer Service Consultant Position Who we are...
    • Financial Editor
      Financial Editor (Confidential) - DurhamSIX FIGURE EDITORS WANTED: To enforce lofty NEW editing standards. Easy Conditions Unlikely. Promotion and...
    • Information Processing Specialist
      Information Processing Specialist (Agora Inc. ) - BaltimoreInformation Processing Specialist – The IP specialist position ensures the successful...