The Deadly Duo: Spam and Viruses, February 2006
An anti-spam working group releases its first metrics on abusive e-mail; personalized malware hits the market.
An anti-spam working group releases its first metrics on abusive e-mail; personalized malware hits the market.
Crippled data speeds aren’t yet caused by tiered Internet service. The Messaging Anti-Abuse Working Group, a new body that aims to measure and reduce spam, released its first report which estimates 80 percent of all Internet traffic today is comprised of abusive email.
In the report, the organization finds out of 127.2 million represented email boxes, there were 61.342 billion dropped connections (email undelivered due to server outage); 142.534 billion blocked or tagged inbound emails; and 36.593 billion unaltered, delivered emails in the fourth quarter of 2005. The ratio of blocked or tagged inbound email to valid email is 5.6 to 1, or 85 percent.
Security software firm Panda Software uncovered operations of a firm offered to design made-to-measure Trojan horses (define) to hackers for $990. One Trojan detected by the security firm was programmed to steal bank information from Web forms. The company worked with RSA Security to take down the developer of malicious code for-hire by the first week in March.
An evolution in phishing ( define)attacks that appear to be sent from bank and financial institutions was recognized by AppRiver. Instead of the typical phishing email stating a user’s account is in peril, a number of emails were made to look as if they came from Chase Manhattan bank. These asked customers to take a survey and receive a credit of $20 dollars as a reward.
Nine signature-busting attacks were observed out of the 25 new viruses detected by Commtouch in February. Signature-busting attacks are those with a distribution mechanism engineered to break in before anti-virus companies recognize, create a patch and update computers running anti-virus software. The nine threats ranged in intensity, four were rated “low intensity;” three registered “significant;” one reached “medium-high” threat status and another was classified as “massive” by the security firm.
Spam Origins, February 2006 | |
---|---|
Country | Percent |
United States | 43.70 |
China | 13.63 |
Germany | 3.90 |
Republic of Korea | 3.78 |
France | 2.70 |
United Kingdom | 2.57 |
Source: Commtouch, 2006 |
Meanwhile, Commtouch said spam accounted for 46.4 percent of all email traffic for corporate users. Consumer email accounts reached a much higher rate, 41.5 percent of all personal email is classified as spam. The combined average on a global level is 58.2 percent, about two out of every three emails.
Major Spam Categories, February 2006 | |
---|---|
Category | Percent |
Pharmaceutical | 52.22 |
Enhancers | 15.52 |
Gifts | 14.41 |
Finance | 8.09 |
Porn/Software/Miscellaneous | 9.76 |
Source: Commtouch, 2006 |
Spammers continue to utilize established domains for mailings. Out of 258 million samples analyzed by the security firm, 6.1 million allegedly came from Hotmail.com; four million from Yahoo.com; 1.7 million from Verizon.com; and between one and 1.5 million appeared to be sent from MSN, PayPal, Cisco and Gmail.
MessageLabs captured the global ratio of spam in email traffic from new and unknown sources at 60.6 percent, a six percent decline from January. The global ratio of email borne viruses was 44.1 percent, just under the rate of the previous month. Phishing increased half a percent in January. One in 334.9 emails was a phishing attempt.
In its semi-annual Internet security threat report, Symantec notes an increase in threats designed to facilitate cyber crime. It finds attackers are focusing their efforts on regional targets, desktops and Web applications to capture personal, financial and confidential information, rather than making large-scale attacks. The trend was first recognized in the company’s previous report and remains a continuing threat to computer users.
Kaspersky Labs recorded movement in its Online Scanner measurement of virus threat activity. It saw 12 new malicious programs in February. Only two of the top five threats ranked in January remained on the top 20 list in February.
Online Scanner Top 20, February 2006 | ||
---|---|---|
Position | Name | Percentage |
1 | Email-Worm.Win32.Bagle.fj | 4.76 |
2 | Trojan-Spy.Win32.Banker.anv | 2.20 |
3 | Trojan-Spy.Win32.Banker.ark | 2.04 |
4 | Trojan-Spy.Win32.Bancos.ha | 1.56 |
5 | Worm.Win32.Feebs.gen | 1.44 |
6 | Trojan-Spy.Win32.Banker.ahy | 1.06 |
7 | Email-Worm.Win32.Wukill | 0.92 |
8 | Trojan-Downloader.Win32.VB.vz | 0.90 |
9 | Trojan-Downloader.Win32.Adload.t | 0.89 |
10 | not-a-virus:PSWTool.Win32.RAS.a | 0.77 |
11 | Backdoor.Win32.ControlTotal.ag | 0.67 |
12 | not-a-virus:Monitor.Win32.Perflogger.az | 0.67 |
13 | Trojan-Downloader.Win32.INService.gen | 0.63 |
14 | Backdoor.Win32.Rbot.gen | 0.55 |
15 | Trojan-PSW.Win32.PdPinch.gen | 0.54 |
16 | Email-Worm.Win32.Nyxem.e | 0.54 |
17 | Trojan-Downloader.Win32.Harnig.bb | 0.47 |
18 | Email-Worm.Win32.NetSky.q | 0.46 |
19 | Trojan-Spy.Win32.Bancos.u | 0.44 |
20 | Virus.Win32.Parite.b | 0.44 |
Other malicious programs | 78.05 | |
Source: Kaspersky Lab, 2006 |