Home  › Email › Email Marketing

The Deadly Duo: Spam and Viruses, June 2006

  |  July 21, 2006   |  Comments

Image spam continues to get noticed;

Russian president Vladimir Putin is alive and well, but hackers fabricated a story sent via e-mail in an attempt to distribute and infect recipients with a Trojan horse. This form of distribution of malicious code is what threat management solutions firm Sophos calls a "joe job" meaning "a spam campaign forged to appear as though it came from an innocent party, with the intention of incriminating or pinning blame onto them." In this case, the false e-mail appeared to come from BBC News.

In May, a vulnerability in Yahoo Mail allowed hackers to reach the Web mail users; in June a widespread phishing scam targeted Gmail users. Sophos identified the e-mail announcing a $500 prize, redeemable at what was purported to be a Gmail-related link. The link actually took users to a Tripod-hosted Web site. It cost victims $8.60 to begin a membership in order to collect the "winnings." Additionally, the e-mail offered to pay the reward through PayPal or other electronic accounts, potentially capturing yet more user data.

In a report detailing computer threats in the first six months of the year, the security firm made the recommendation home users to switch from Windows-based systems to Macs due to the dominance of Windows-based threats. In the first half of 2006, distribution of Trojans increased in proportion to viruses. The 2006 ratio is 4:1, compared to 2:1 for the same period last year.

A quicker uptake of threats was observed by McAfee, a firm that serves both home users, businesses, and the public sector. It took 18 years for the company to build a database and provide protection for 100,000 threats, a landmark it reached in September 2004. At the beginning of this month, it the company protects against hit 200,000. That's a 60 percent decrease in the time it took to double the number of threats in the database.

Research firm Evans Data reports a 20 percent drop in security breaches in the Europe/Middle East/Africa (EMEA) region. Twenty-two percent of all breaches are computer viruses including worm and buffer overflow attacks.

Cyber threats like viruses and phishing are advancing from traditional methods to more targeted attacks, according to MessageLabs. Spammers deploy e-mail, Web and IM platforms to strengthen the effectiveness of viruses, spam and spyware. The interconnectivity can make "a harmless looking e-mail quickly become a more serious Web threat," a report said.

Security firms continue to observe the trend of image spam. IronPort was among the first to release details on the trend, but it affects the anti-spam industry across the board.

E-mail isn't blocked from rendering in some e-mail clients because the image is imbedded in the message, according to Postini. If the e-mail contains only an image, spammers can't track open rates as they can with HTML-based e-mail.

"[Spammers] might sneak their message past the spam filters by using an image, and they might also imbed a Web bug, an image that's displayed in the message which they might be able to track," said Andrew Lochart, senior director of marketing at Postini.

Top Five Viruses, June 2006
Virus NameQuantity Blocked
Netsky4,459,484
Mytob3,638,833
Mime2,634,093
Bagle2,510,370
Mydoom1,421,450
Source: Postini, 2006

Competing firm Commtouch claims image spam causes "bandwidth bloat." Image spam accounts for 30 percent of spam globally on average in a given day. On days when the category reaches distribution peak, the global bandwidth and storage consumed by spam can reach 70 percent.

"Image-based spam pay quickly cause IT resource overload if not dealt with properly," said Dan Yachin, research director of EMEA Emerging Technologies at IDC, in a Commtouch statement. "While textual spam messages cause loss of productivity, image spam messages that are three times their size are a whole different ball game, causing a real bandwidth and storage crisis."

Another emerging trend followed by Kaspersky Lab is the re-emergence of polymorphic scripts (define). While the type of virus code began its life in 1990, virus writers moved away from the technique for a time. They now use the code to push viruses past security measures. In 2005 and 2006, polymorphic code has been implemented in script viruses or worms, which is a new use of the application. Previously, the code was used with browser vulnerabilities and Trojan-downloaders written in script languages. Its most prevalent use was in the LoveLetter worm.

Online Scanner Top 20, June 2006
PositionNamePercentage
1Trojan-Spy.Win32.Banker.anv 2.63
2Trojan.Win32.Agent.vg1.82
3Email-Worm.Win32.Rays1.68
4Trojan-PSW.Win32.Lineage.acb1.48
5not-a-virus:Monitor.Win32.Perflogger.az1.33
6Email-Worm.Win32.Brontok.q 1.10
7Trojan-Downloader.JS.Agent.ah1.07
8Trojan-PSW.Win32.Gamania.cl1.03
9Trojan.Win32.VB.ami0.99
10not-a-virus:PSWTool.Win32.RAS.a0.94
11Trojan-Downloader.Win32.Adload.bo0.91
12Trojan-Spy.Win32.Banbra.gi0.87
13Trojan.Win32.Agent.qt0.77
14Trojan-PSW.Win32.Lineage.oz0.74
15not-a-virus:Monitor.Win32.Perflogger.ad0.73
16Email-Worm.Win32.Bagle.fy0.73
17Packed.Win32.Tibs0.72
18not-a-virus:Monitor.Win32.Perflogger.al0.71
19Trojan-Downloader.Win32.Bagle.at0.67
20Email-Worm.Win32.Bagle.gen0.65
Other malicious programs78.43
Source: Kaspersky Lab, 2006

ClickZ Live Toronto Twitter Canada MD Kirstine Stewart to Keynote Toronto
ClickZ Live Toronto (May 14-16) is a new event addressing the rapidly changing landscape that digital marketers face. The agenda focuses on customer engagement and attaining maximum ROI through online marketing efforts across paid, owned & earned media. Register now and save!

ABOUT THE AUTHOR

Enid Burns

COMMENTSCommenting policy

comments powered by Disqus

Get ClickZ Email newsletters delivered right to your inbox. Subscribe today!

COMMENTS

UPCOMING EVENTS

Featured White Papers

ion Interactive Marketing Apps for Landing Pages White Paper

Marketing Apps for Landing Pages White Paper
Marketing apps can elevate a formulaic landing page into a highly interactive user experience. Learn how to turn your static content into exciting marketing apps.

eMarketer: Redefining Mobile-Only Users: Millions Selectively Avoid the Desktop

Redefining 'Mobile-Only' Users: Millions Selectively Avoid the Desktop
A new breed of selective mobile-only consumers has emerged. What are the demos of these users and how and where can marketers reach them?

Jobs

    • Contact Center Professional
      Contact Center Professional (TCC: The Contact Center) - Hunt ValleyLooking to join a workforce that prides themselves on being routine and keeping...
    • Recruitment and Team Building Ambassador
      Recruitment and Team Building Ambassador (Agora Inc.) - BaltimoreAgora, www.agora-inc.com, continues to expand! In order to meet the needs of our...
    • Design and Publishing Specialist
      Design and Publishing Specialist (Bonner and Partners) - BaltimoreIf you’re a hungry self-starter, creative, organized and have an extreme...