Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

MessageLabs Intelligence: Virus and Phishing Levels Sky-rocket in September

September 2007 by MessageLabs

MessageLabs announced the results of its MessageLabs Intelligence
Report for September and 3rd quarter of 2007. The new data reveals that
virus and phishing levels have significantly increased, reaching levels
not seen since early 2006. In addition, MessageLabs exposes a second
wave of highly targeted C-level and senior management email attacks with
increased sophistication and outreach.

With a virus threat now incorporated within every 48 emails,
cyber-criminals are steering away from using the more obvious attachment
method of distribution and favoring the use of links to malicious
websites hosting malware code. This technique, which increased in
popularity by approximately 15 percent this quarter, enables social
engineering-based attacks such as e-postcards to be utilized.

Mirroring the recent resurgence in virus attacks, the volume of phishing
threats has also reached exponential levels this month with every 87
emails comprising of a phishing attack. Through the increased
availability of phishing kits and the uptake of aggressive phishing
techniques such as ’rock’ phishing, the quantity and severity of these
attacks are able to increase dramatically. ’Rock’ phishing utilized a
phishing kit which enables a single compromised computer within a botnet
to host multiple phishing sites at the same time.

"The start of the new school year seemed to bring back an increase in
old-school threats and in high volumes. With email more ubiquitous than
the telephone and one in 48 emails containing a virus, most people are
unwittingly receiving more than one virus a day," said Mark Sunner,
Chief Security Analyst, MessageLabs. "As we enter the last quarter of
2007 and draw closer to the holiday season, the bad guys will be
provided opportunity to disguise their attacks through the increase in
genuine well-wishing emails and the anticipated upsurge in online
shopping traffic. In addition, with the incessant rise of comprised
machines through aggressive botnet activity, further spam level
increases are anticipated."

September is not just the month of mass-outreach attacks, the highly
targeted approach is still rife. On September 12, more than 1,100
C-level and senior management executives became the target of another
attack, thought to be from the same perpetrators of the June 26 C-level
assault. With increased sophistication, the emails, which purport to be
from a recruitment company, use a Microsoft error message to persuade
the victims to click on the RFT attachment. Once opened, the RFT file
contains an executable which drops two files onto the computer which in
turn will be used to pass sensitive information back to the attacker.

Other report highlights:

Web Security: Analysis shows that 73.8 percent of the malware
intercepted in September was new. Analysis of policy-based traffic
highlighted that corporate tolerance of social networking sites is
diminishing with Facebook being the most blocked site within the
Personal’s and Dating category for SMBs and Friends Reunited top of the
same category for the Enterprise.

Spam: In September, the global ratio of spam in email traffic from new
and unknown bad sources, for which the recipient addresses were deemed
valid, was 73.5 percent, a decrease of 0.5 percent on the previous
month. When reviewing the overall spam rates on a quarterly basis, a
drop of 0.9 percent was observed since Q2 2007.

Viruses: This month, the global ratio of viruses in email traffic from
new and previously unknown bad sources destined for valid recipients was
1 in 48.8 emails (2.05 percent), an increase of 0.8 percent since last
month. Virus and trojan levels have declined steadily since 2006, with
the Q3 2007 rates of 1 in 67.2 emails being the highest quarterly level
since Q2 2006.

Phishing: With an increase of 0.6 percent, one in 87.2 emails comprises
of some form of phishing attack in September, the highest level to date.
When judged as a proportion of all email-borne threats such as viruses
and trojans, the number of phishing emails has risen by 9.7 percent to
56.0 percent of the malware threats intercepted in September. Over the
last quarter, phishing rates have increased from 1 in 232.0 to 1 in
124.3.

Geographical Trends:

* Israel continued to have the highest spam rate this month with
73.8 percent. Hong Kong was the second most highly spammed country
registering a 6.6 percent increase in spam since August.

* Japan had the lowest spam rate with 27.1 percent. Germany also
saw a sharp decrease of 10.2 percent in spam rates in the last month,
marking a quarterly decline of 6.63 percent

* India still remains the region most affected by viruses with 1
in 53 emails containing a virus. The largest rise in virus activity was
observed in the Netherlands where levels rose by 0.2 percent, from 1 in
750.1 emails in August to 1 in 303.3 emails in September.

Vertical Trends:

* The Agriculture sector is still ranked the most spammed sector
with 67.8 percent, marking a slight increase of 0.9 percent from the
previous month. Over the previous quarter this marks a continued
increase of 7.36 percent.

* Despite an increase of 3.3 percent, Finance remains the least
spammed sector; this is reflected in a large quarterly decrease of 11.13
percent.

* Since rising to the top of the virus chart in August, the
education sector continues to retain its position, with an increase of
0.25 percent in September.

* In contrast to being the most spammed, Agriculture is the sector
least affected by viruses with a further drop of 0.2 percent in
September contributing to a quarterly drop of 0.28 percent.

The September 2007 & Q3 MessageLabs Intelligence Report provides greater
detail on all of the trends and figures noted above, as well as more
detailed geographical and vertical trends. The full report is available
at http://www.messagelabs.com/intelligence.aspx.


See previous articles

    

See next articles












Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts