SOURCE: Cloudmark

August 12, 2008 08:00 ET

New Converged Threats Increase Risks for Subscribers, Warns Cloudmark

Operators Urged to Review Security Strategies to Counter Sophisticated Messaging Attacks That Target Fixed, Mobile and Social Networks

SAN FRANCISCO, CA--(Marketwire - August 12, 2008) - Cloudmark, Inc., the global leader in carrier-grade messaging security, today warned of increased risk for converged operators from the online attacker community and urged service providers to review their security strategies to counteract the growing prevalence of attacks across multiple mediums.

Cloudmark has observed online attackers using new, advanced threat techniques that combine attributes of spam, phishing and malware into a single attack, which is then distributed across a variety of mediums. These "converged threats" look for coverage gaps in traditional security solutions that are designed for a specific type of attack, such as a spam or virus outbreak over a specific medium like e-mail. However, because these new, "mash-up" type of attacks blend elements of spam, phishing and/or viruses into a single attack that is unleashed simultaneously across e-mail, mobile, Web and social networks, they evade traditional security solutions.

In order to combat today's threats, Cloudmark is strongly advising service providers to look for security platforms that are threat-agnostic and able to automatically identify and stop attacks across multiple mediums.

As part of Cloudmark's continuous analysis of global threats, the company has identified several examples of converged attacks:

--  "Smishing" -- A recent trend in mobile phishing attacks that usually
    involve the use of VoIP phone number accounts obtained through e-mail
    phishing attacks as the call to action.
--  Modern e-mail viruses -- The majority of recent e-mail virus threats
    no longer distribute viruses as an attachment, but rather host the virus on
    a Website and distribute e-mails that link to that Website.
--  "Crush" attack -- A recent attack distributed through SMS messaging, e-
    mail and social network communication that entice users to login to a
    Webpage and unknowingly opt in for a premium rate SMS service (see visual

"Convergence is everywhere, including in the online attacker community," said Jamie de Guerre, chief technology officer at Cloudmark. "To combat today's threats, the only truly effective security solution is one that can stop all forms of abuse -- from spam, phishing and viruses to advanced 'converged' attacks, across all mediums -- from e-mail and mobile messaging to social networking sites. Only by sealing all potential gaps can service providers deploy new converged services with confidence that both the platforms and their subscribers are protected against today's known abuses and tomorrow's advanced threats."

Note to Editors

Pictorial examples of crush spam across mediums are available by contacting

About Cloudmark

Cloudmark, Inc. is a global leader in carrier-grade messaging security, delivering the most accurate, high-performance and comprehensive real-time spam, virus and phishing protection for fixed, mobile and social networks. Cloudmark patented solutions combine Advanced Message Fingerprinting technology based on innovative, highly efficient algorithms and a Global Threat Network consisting of trusted reporters in every country across the globe to provide security intelligence and filtering at all points of the messaging infrastructure. Cloudmark solutions protect more than 700 million mailboxes for the world's largest service provider networks, including over 75 percent of major ISPs in the United States and Japan. Cloudmark's customers include Swisscom, EarthLink, Comcast, Tele2, Thus, NTT OCN and XS4ALL (KPN) as well as leading hosting providers, Mailtrust, domainFACTORY, Intergenia and others. Cloudmark is a privately held company headquartered in San Francisco with offices in London, Tokyo, Beijing and Hong Kong. For more information, please visit

Contact Information