SOURCE: SurfControl

May 02, 2006 00:01 ET

SurfControl Global Threat Experts Identify Key Trends for Spam in First Quarter 2006

Advanced Threat Intelligence Finds Notable Rise in Email Threats

SCOTTS VALLEY, CA -- (MARKET WIRE) -- May 2, 2006 -- SurfControl (LSE: SRF), the global leader in Internet protection, has released their findings on growing threats to email security. Using SurfControl's Adaptive Threat Intelligence (ATI), SurfControl's Global Threat Experts have compiled threat trend data for the first quarter of 2006.

In the first quarter of 2006, threat experts found that product and services-related spam has shown consistent growth of 16 percent month over month. The increase is partly attributable to Russian and Chinese coverage, where spam can be more generic, such as training courses, shopping and forum sites. This double-digit growth was also seen with phishing and fraud spam attacks.

Additionally, there was a significant rise in the amount of pharmaceutical and finance-related spam, together representing 80 percent of spam volume. Stock tip embedded spam is still the most prevalent type of spam, claiming 40 percent of all financial spam, with 1,200,000 instances discovered in March 2006 alone. Embedded spam is defined as when the entire message is contained within a graphic, and has no extraneous text.

New spammer techniques used to avoid reputation-type services also are noteworthy:

1. Spammers increased the use of free redirection services to score legitimate points against domain reputation technology. Common redirectors are

2. In South America, and other regions, free hosts, such as AOL, are being used by spammers to host popular malicious executables and keyloggers.

3. SurfControl also found an increase in remote foreign domain extensions, such as .cc, .sh, .in. Using these extensions increases potential vulnerabilities because all iterations of these domains may not be immediately or easily available globally in WHOIS directories.

Ahead of the Game

The SurfControl Adaptive Threat Intelligence service combines 24/7 research and analysis from the company's global team of threat detection experts with advanced AI technologies and the world's most comprehensive threat databases. Signatures are constantly added by category to the Anti-Spam Agent Digital Fingerprints Database and new Heuristic rules are created. In addition, all URLs used in spam and phishing attacks are added to the appropriate categories, including Spam URLs and Phishing & Fraud in SurfControl's Internet Threat Database that is the critical back-end to the SurfControl Enterprise Protection Suite.

Analysis was done on hundreds of thousands of spam signature profiles from SurfControl's proprietary Digital Fingerprint Database. These signatures represent several hundred million spam attacks globally.

About SurfControl

SurfControl makes Internet communication a business advantage -- and not a threat. The SurfControl Enterprise Protection Suite gives customers 360 degrees Internet protection and covers every point of Internet vulnerability -- including inbound and outbound communication and employees on or off the network. All products in the Enterprise Protection Suite are backed by industry-leading threat detection, delivered by SurfControl's Global Threat Experts working 24/7 to provide customers with dynamic protection against emerging threats. The company has more than 20,000 customers worldwide, and employs more than 500 people in offices across the United States, Europe and Asia/Pacific. For further information and news on SurfControl, please visit

Contact Information

  • Editorial Contact:
    Paige Pace
    Email Contact