The Deadly Duo: Spam and Viruses, March 2006
Misdirected e-mail as a result of spammers falsifying return addresses costs businesses a reported $5 billion per year.
Misdirected e-mail as a result of spammers falsifying return addresses costs businesses a reported $5 billion per year.
Misdirected “bounced” email accounts for 9 percent of email volume, but is growing at the same rate as spam volumes according to “Internet E-Mail Traffic Emergency: Spam ’Bounce’ Messages are Compromising Networks,” a report released by security firm IronPort
Bounces notify users of email sent to an incorrect or undeliverable address. Spammers have adapted a method of misdirected bounces by falsifying the return address to defray traffic generated by undeliverable messages of the millions of spam messages sent each day. Undeliverable or bounced messages can account for 20 percent or more of outbound spam.
The report estimates the occurrence of bounced email costs businesses about $5 billion per year in IT resources. It’s a growing problem, but relatively small in comparison to spam and viruses overall. About 20 percent of email is considered legitimate; 67 percent is classified as spam; bounces account for 9 percent; viruses are 3 percent; and phishing emails account for 1 percent of traffic.
MessageLabs finds targeted attacks and spear-phishing to be growing threats. The U.S. still holds the largest population of compromised, or “zombie,” PCs. The rate of infected computers is 18.1 percent in the U.S., down from 44 percent infected in Q2 2004.
Threat levels appear to stay even with previous months, but it’s believed, “Cyber criminals are becoming more adept at drawing less attention to themselves, by sending out highly-targeted virus and phishing attacks in smaller numbers, running smaller botnets and ultimately finding new ways to make money from victims around the world,” said MessageLabs CTO Mark Sunner in the report, which covers the first quarter of 2006. The company estimates 82.9 percent of email traffic is likely spam. That figure is consistent with data reported last month by the Messaging Anti-Abuse Working Group.
Postini reports an increase in spam volumes for the month of March, though virus distribution decreased slightly. Of the 23 billion messages sent through its servers, 19.6 billion were unwanted email. The volume accounts for a 4 percent increase over February and equates to spam equaling 84 percent of email traffic.
Virus attacks declined in March by 19 percent from the previous month. Postini blocked 32.5 million attempts.
The Top Five Viruses for March 2006 | |
---|---|
Virus Name | Quantity Blocked |
Mytob | 16,742,504 |
Netsky | 5,289,158 |
Mimi | 2,669,122 |
Lovgate | 1,633,323 |
Bagle | 1,179,221 |
Source: Postini, 2006 |
Cyber criminals are developing ways to reach users on many platforms including mobile phones IM, and the long-ignored Mac OS. Kasperski looks at malicious activity on all platforms. It notes a rising trend in user data being held hostage by cyber criminals. Infected computers lock up and require a 10-digit password to remove the virus and restore data. The code is made available after payment is handed over to the violating parties. GpCode, Krotten an Skowor.b are examples of such code that infiltrates computers in this manner.
Online Scanner Top 20, March 2006 | ||
---|---|---|
Position | Name | Percentage |
1 | Trojan-PSW.Win32.LdPinch.air | 23.17 |
2 | Trojan-Downloader.Win32.Delf.ajd | 10.71 |
3 | Trojan-Spy.Win32.Banker.ark | 2.30 |
4 | Trojan-Downloader.Win32.Small.ckj | 2.26 |
5 | Trojan-Downloader.Win32.Small.axy | 0.93 |
6 | Trojan-Spy.Win32.Banker.anv | 0.92 |
7 | Trojan-Spy.Win32.Bancos.ha | 0.88 |
8 | Email-Worm.Win32.Wukill | 0.79 |
9 | not-a-virus:Porn-Dialer.Win32.PluginAccess.gen | 0.76 |
10 | Trojan-Downloader.Win32.Zlob.in | 0.55 |
11 | not-a-virus:PSWTool.Win32.RAS.a | 0.49 |
12 | Virus.Win32.Parite.b | 0.44 |
13 | Trojan-PSW.Win32.LdPinch.ais | 0.42 |
14 | Trojan-Downloader.Win32.Agent.xz | 0.40 |
15 | Trojan-Downloader.Win32.Small.cni | 0.40 |
16 | Exploit.HTML.CodeBaseExec | 0.39 |
17 | Trojan-Downloader.Win32.IstBar.no | 0.38 |
18 | Worm.Win32.Feebs.gen | 0.38 |
19 | Backdoor.Win32.IRCBot.nw | 0.38 |
20 | Trojan-Dropper.Win32.Agent.aiq | 0.36 |
Other malicious programs | 52.69 | |
Source: Kaspersky Lab, 2006 |