SOURCE: MessageLabs

April 02, 2007 06:00 ET

MessageLabs Intelligence Report: Small Businesses in the Line of Fire

Increased Spam, Social Engineering and More Sinister Activity in First Quarter of 2007

NEW YORK, NY and LONDON -- (MARKET WIRE) -- April 2, 2007 -- MessageLabs, a leading provider of integrated messaging and web security services to businesses worldwide, today announced the results of its MessageLabs Intelligence Report for March 2007. Quarter on quarter spam levels have raised to 76.3 percent, their highest in two years. Virus and botnet activity has also increased. The report highlights the impact of increased spam levels on small-to-medium sized businesses (SMBs) as these organizations receive more than double the volume of spam per user each month than in enterprise organizations.

While spam levels for the month of March decreased by 2.6 percent from February, MessageLabs saw an overall increase in spam for the first quarter of 2007. Spammers do not distinguish between the sizes of organizations being targeted; smaller businesses will receive just as much spam as larger enterprises but are less likely to have defense systems in place. For small businesses, spam can very quickly become a silent killer, overwhelming the resources of the mail system before any effective countermeasures can be enforced.

This month, MessageLabs also conducted research into the threats and challenges faced by small businesses today. The findings of this research are published in a separate report that can be found at Following on the research results, MessageLabs launched its Small Business Security Clinic and Makeover contest designed to help businesses with their IT security needs by providing the resources and education necessary for them to begin to make informed decisions toward becoming more secure. The Makeover contest entry form can be accessed at

"Today, spam is considered a side effect of email," said Mark Sunner, Chief Security Analyst, MessageLabs. "The majority of small businesses view spam as an ongoing irritation rather than a real threat and have given up on dealing with the issue only to find that bad guys target them even more aggressively. If the first quarter data tells us anything, it's that malicious activity in the form of spam will only continue on an upward trend."

Also in Q1 2007, MessageLabs saw virus and trojan traffic levels steadily decline from last year with rates of 1 in 126.1 emails. While the overall levels decreased, MessageLabs believes that virus and Trojan activity is actually on the rise with spammers delivering them disguised as spam. Phishing activity accounted for 70.8 percent of the malware threats this quarter, an increase of 8.6 percent on the previous quarter. In early 2007, "do-it-yourself" phishing kits became more available and easier to obtain online. MessageLabs also saw continued targeted phishing attacks based on information available on social networking sites and new variants of Warezov and StormWorm being intercepted at alarmingly high rates.

Other report highlights:

Spam: In March 2007, the global ratio of spam in email traffic from new and unknown bad sources, for which the recipient addresses were deemed valid, was 75.2 percent (1 in 1.33 emails), a decrease of 2.6 percent on the previous month. Techniques adopted by spammers have become increasingly more sophisticated indicating spam will continue at similar levels in the coming months. As botnets become more agile, fewer viruses are now needed to maintain them giving way to a divergence between spam and virus levels.

Viruses: The global ratio of email-borne viruses in email traffic from new and previously unknown bad sources destined for valid recipients, was 1 in 145.0 emails (0.6 percent) in March, a decrease of 0.2 percent since last month. Virus and Trojan traffic levels have steadily declined over the last year with Q1 2007 rates of 1 in 126.1 emails. This is in direct correlation with the shift toward more subtle, targeted attacks and in the way that criminals distribute malware.

Phishing: March saw a fall of 0.17 percent in the proportion of phishing attacks compared with the previous month. One in 203.7 (0.32 percent) emails comprised some form of phishing attack. When judged as a proportion of all email-borne threats such as viruses and trojans, the number of phishing emails has fallen to 46.9 percent of the malware threats in March. Overall for the quarter, phishing activity accounted for 70.8 percent of the malware threats.

Geographic Trends:

--  Israel has returned to the top spot for spam in March, largely due to
    the operations of one or two well-known spammers in the region.  According
    to Spamhaus, Amichai Inbar runs a "full scale criminal operation that
    includes spamming porn, illegal drugs and pump-&-dump stock using botnets.
    They have partnered with many of the worst US and Russian ROKSO spammers."
    Meanwhile, Amir Gans, continues to operate his self-styled, "No.1 Israeli
    email marketing company."
--  Hong Kong is quickly becoming a safe-haven for the hosting of
    "spamvertized" sites, which are websites advertised in spam messages, as
    well as some phishing domains.  The perception seems to be that sites
    hosted with a .HK suffix will remain operational for a much longer period
    as it seems to take longer to close them down.
--  India climbed to the top of the virus chart this month, overtaking
    Germany and France, despite a fall in activity across all three regions.
    Activity in Singapore also fell slightly, but not enough to keep it out of
    the top-5 this month.
Vertical/Industry Trends:

MessageLabs compiles data that shows the impact and vulnerability rates of spam and viruses specific to major industry sectors.

--  Spam levels have diminished slightly across the top-5 verticals --
    Manufacturing, Education, IT Services, Marketing/Media and Wholesale -- in
    March, their positions were unchanged from the previous month.
--  Spam levels also fell in the Estate Agent vertical and the General
    Service sector, the lowest for March.
--  Virus levels fell across all top-5 verticals in March, propelling
    Business Support Services into the top spot, overtaking Education.
The March MessageLabs Intelligence Report provides greater detail on all the trends and figures noted above, as well as more detailed trends for the first quarter of 2007. The full report is available at

MessageLabs Intelligence is a respected source of data and analysis for messaging security issues, trends and statistics. MessageLabs provides a range of information on global security threats based on live data feeds from our control towers around the world. To view live statistics on email security threats around the world please visit

About MessageLabs

MessageLabs is a leading provider of integrated messaging and web security services, with over 15,000 clients ranging from small business to the Fortune 500 located in more than 80 countries. MessageLabs provides a range of managed security services to protect, control, encrypt and archive communications across Email, Web and Instant Messaging.

These services are delivered by MessageLabs globally distributed infrastructure and supported 24/7 by security experts. This provides a convenient and cost-effective solution for managing and reducing risk and providing certainty in the exchange of business information. For more information, please visit

Contact Information