Browse
related articles
With spam levels globally continuing to stay at a two-year high of approximately 90%, some countries are experiencing levels in excess of 95%, such as Germany, France and The Netherlands. MessageLabs Intelligence reveals that one technique contributing to these unprecedented levels, predominantly in non-English language countries, is the use of automated translation services and templates enabling spam runs to operate in multiple languages. Local language spam now accounts for 46% of spam in Germany and 53% in France. In The Netherlands, 25% of spam is in Dutch. In Japan 62.3% is in non-English languages and in China this number is 54.7%.
Paul Wood, MessageLabs Intelligence Senior Analyst, Symantec, said:
"Once again the spammers turn to their online toolbox, the Internet, for their latest tactics. Translation services and templates enable the spammers to push out multiple-language spam attacks and some dubious translations through the use of poor online services highlight the use of these antics. Non-English spam now accounts for one in every 20 spam messages, a figure we'll be closely monitoring to see if spammers continue with their global expansion."
Malware writers seem to have taken a break this month as analysis of web security activity highlights that in July only 0.7% of all web-based malware intercepted was new, compared with 58.8% in June. However, with the number of new websites harboring malware and other potentially unwanted programs identified each day reaching a nine month high of 3,618, it indicates that previously used malware is being more widely distributed to other websites.
Also in July, MessageLabs Intelligence reported that the presence of shortened URLs in spam has skyrocketed with three significant spam bursts occurring this month, accounting for as much as 6.2% of all spam at its peak on July 9, equivalent to more than nine billion spam messages per day worldwide. With many social networking sites providing character restrictions on status updates & messages, the use of free URL redirection services which turn lengthy web addresses into shortened URLs is increasing in popularity as this helps cybercriminals disguise the true URL destination for their victims. Donbot, a botnet responsible for sending approximately five billion spam messages every day, is one of the main culprits for using this new technique.
Finally in July, cyber-criminals continue to use world news and events to their advantage, with the US Independence Day festivities receiving attention from the botnet Waledec. Simply clicking on a malicious link within an email purporting to show a fireworks display of the festivities would have added that unsuspecting user to the Waledec botnet. In addition, the death of Michael Jackson still continues to achieve widespread attention, from fans and fraudsters alike. Michael Jackson spam currently accounts for approximately 1% of all unsolicited mail, and malware and advance fee fraud attacks are becoming common occurrences.
Other report highlights:
Web security: Analysis of web security activity shows that 0.7% of all web-based malware intercepted was new in July. MessageLabs Intelligence also identified an average of 3,618 new websites per day harboring malware and other potentially unwanted programs such as spyware and adware, an increase of 88.5% since June.
Spam: In July 2009, the global ratio of spam in email traffic from new and previously unknown bad sources was 89.4% (1 in 1.12 emails), reflecting a 1% decrease since June.
Viruses: The global ratio of email-borne viruses in email traffic from new and previously unknown bad sources was one in 295.2 emails (0.34%), a decrease of 0.03% since June. In July, 15.2% of email-borne malware contained links to malicious websites, an increase of 4.8% since June.
Phishing: One in 327.6 emails (0.31%) comprised some form of phishing attack, a decrease of 0.05% since June. When judged as a proportion of all email-borne threats such as viruses and Trojans, the number of phishing emails had decreased by 3.2% to 92.9% of all email-borne malware threats intercepted in July.
Geographical Trends:
• Germany overtook France as the most spammed country with levels rising to 97.5%.
• Spam levels in the U.S. rose to 86.0% and 83.0% in Canada. In the UK spam levels increased to 93.6% and the Netherlands saw a rise to 95.7%.
• Increases were also experienced in Australia and Japan, with levels reaching 92.0% and 90.6% respectively.
• Although virus activity in Australia declined to 1 in 153.1 emails, it still retains its place at the top of the virus table for July.
• Virus levels increased in the US and Canada with levels reaching 1 in 367.1 emails and 1 in 361.3 emails respectively. In Germany virus levels were 1 in 344.5 emails and for The Netherlands, 1 in 798.2 emails. In Hong Kong virus activity was 1 in 299.2 emails and in Japan it reached 1 in 580.1 emails.
Vertical Trends:
• In July, the most spammed industry sector with a spam rate of 95.2% was the Marketing and Media sector.
• Spam levels for the Education sector were 95.0%, also 95.0% for the Chemical & Pharmaceutical sector; 93.3% for Retail, 94.0% for Public Sector and 92.1% for Finance.
• Virus activity in the Education sector fell by 0.10%, but it remained at the top of the table with 1 in 144.6 emails being infected.
• Virus levels for the IT Services sector were 1 in 341.0, 1 in 477.9 for Retail and 1 in 288.8 for the Chemical and Pharmaceutical sector.
The July 2009 MessageLabs Intelligence Report provides greater detail on all of the trends and figures noted above, as well as more detailed geographical and vertical trends.
Symantec's MessageLabs Intelligence is a respected source of data and analysis for messaging security issues, trends and statistics. MessageLabs Intelligence provides a range of information on global security threats based on live data feeds from our control towers around the world scanning billions of messages each week.
Posted by Siba Sami Ammari
