|
SOURCE: MessageLabs, Inc.
|
August 05, 2008 06:00 ET
MessageLabs Intelligence July 2008: Spammers Use Google Sites to Host Spam
Web Threats Continue Rise Following SQL Injection Attacks; Reach Record Levels
NEW YORK, NY and LONDON--(Marketwire - August 5, 2008) - MessageLabs, the leading provider
of messaging and web security services to businesses worldwide, today
announced the results of its MessageLabs Intelligence Report for July 2008.
Analysis highlights that spammers continued the trend of abusing Google's
hosted applications to host spam. Previously abused applications include
Google Docs, Google Pages and Google Calendar. Google Sites allows a novice
to easily create a web page composed of a string of random letters and
numbers resulting in a URL that is more difficult to block using
traditional signature-based anti-spam tools.
"Google Sites is yet another way that spammers have programmatically
defeated CAPTCHA (Completely Automated Public Turing Test to Tell Computers
and Humans Apart) mechanisms, a validation technique that is designed to
defend against automated sign-up tools frequently used by spammers by
requiring the user to enter a string of letters," said Mark Sunner, Chief
Security Analyst, MessageLabs. "While Google Sites spam accounts for only 1
percent of all spam currently, we anticipate that this technique's
popularity will rival that of its predecessors, Google Docs, Calendar and
Pages spam. If this is the case, then we may see spam levels increase in
the months ahead."
Also in July, the number of new malicious websites blocked each day has
increased by 91 percent from 2,076 since June to an average of 3,968 new
sites intercepted daily. This month's rise in web threats, according to
MessageLabs, is due to the number of websites linked to SQL injection
attacks. This latest increase in malicious websites brings the threat to
record high levels.
"An emerging theme for threats this month seems to be new variations on old
attack methods," Sunner said. "Following on from June, web-based malware
continues to be a treacherous threat and organizations would be smart to
build their Web security defenses in preparation for what could be on the
horizon."
Similar to last month, a flood of spam emails with subject lines displaying
celebrity names and made up breaking news was intercepted in July. The
Storm-generated emails included links to the Storm malware disguised as
video footage of the fabricated events. However, the celebrity referenced
spam emails were unique in that they contained links that, if activated,
downloaded the new rogue anti-spyware program Antivirus XP 2008 on the
victims' computers using a file called video.exe. The program then scans
the computer and displays the number of infections, which can only be
removed by purchasing the software.
Other report highlights:
Web security: Analysis of Web security activity shows that 83.4 percent of
all web-based malware intercepted was new in July. MessageLabs also
identified an average of 3,968 new websites per day harboring malware and
other potentially unwanted programs such as spyware and adware, an increase
of 91 percent since June.
Spam: In July 2008, the global ratio of spam in email traffic from new and
previously unknown bad sources was 75.1 percent (1 in 1.33 emails), a
decrease of 1.4 percent since June.
Viruses: The global ratio of email-borne viruses in email traffic from new
and previously unknown bad sources was one in 148.2 emails (.67 percent), a
decrease of 0.07 percent since June. In July, 3 percent of email-borne
malware contained links to malicious sites, a decrease of 17.3 percent
since June.
Phishing: In July, phishing activity rose by .19 percent compared with the
previous month. One in 180.6 (.55 percent) emails comprised some form of
phishing attack. When judged as a proportion of all email-borne threats
such as viruses and Trojans, the number of phishing emails has increased by
33.8 percent to 82.1 percent of all email-borne malware threats intercepted
in July.
Geographical Trends:
-- In July, Switzerland remained the most spammed country with levels
reaching 84.2 percent of all email. The largest increase in spam levels
this month was observed in the United States where it rose by 5.9 percent
to 79.8 percent.
-- Spam levels in the UK reached 69.9 percent in July and 74.6 percent in
Canada. Germany's spam rate reached 70 percent and spam rose to 70.6
percent in the Netherlands. Spam levels in Australia were 64.1 percent,
72.9 percent in China and 67.8 percent in Japan.
-- The largest increase of .48 percent in virus activity was observed in
Canada where virus levels of 1 in 80.7 put the country in third place for
July.
-- Virus levels for the US were 1 in 243.7 and 1 in 110.3 for the UK and
1 in 214.8 for Germany. In Australia, virus levels were 1 in 303.1 and 1 in
378.6 for Japan.
Vertical Trends:
-- Spam decreased across all industry sectors in July with the exception
of the Non-Profit sector where spam rose by 5.8 percent to 82.2 percent.
-- The largest decrease was noted in the Accommodation and Catering
sector where levels fell by 3.6 percent and 73 percent respectively.
-- Chemical and Pharmaceutical sector spam levels reached 72.6 percent,
78.3 percent for Retail, 72.4 percent for Public Sector and 68.5 percent
for Finance.
-- Similarly, virus levels across most industry sectors decreased during
July. In the Real Estate sector, virus levels rose by .07 percent to 1 in
135.4 emails containing malware. The largest decline was noted in the
Accommodation and Catering sector where levels fell by .51 percent to 1 in
69 emails containing malicious content.
-- Virus levels for the IT Services sector were 1 in 158.7, 1 in 176.6
for Retail and 1 in 198.8 for Finance.
The July 2008 MessageLabs Intelligence Report provides greater detail on
all of the trends and figures noted above, as well as more detailed
geographical and vertical trends. The full report is available at
http://www.messagelabs.com/intelligence.aspx.
MessageLabs Intelligence is a respected source of data and analysis for
messaging security issues, trends and statistics. MessageLabs provides a
range of information on global security threats based on live data feeds
from our control towers around the world scanning billions of messages each
week.
About MessageLabs
MessageLabs is a leading provider of integrated messaging and web security
services, with over 18,000 clients ranging from small business to the
Fortune 500 located in more than 86 countries. MessageLabs provides a
range of managed security services to protect, control, encrypt and archive
communications across Email, Web and Instant Messaging.
These services are delivered by MessageLabs globally distributed
infrastructure and supported 24/7 by security experts. This provides a
convenient and cost-effective solution for managing and reducing risk and
providing certainty in the exchange of business information. For more
information, please visit www.messagelabs.com