Report: 90.4 Percent Of E-Mail Is Spam -- Security Today

Report: 90.4 Percent Of E-Mail Is Spam

May 29, 2009

Symantec Corp. recently announced the publication of its May 2009 MessageLabs Intelligence Report. The analysis highlights that spam experienced a further increase of 5.1 percent since last month, reaching heights of 90.4 percent. Also in May, MessageLabs Intelligence revealed that geographic location determines the time of day when spam is received, the data also highlights where spammers are most heavily concentrated.

The majority of this increase in spam in May was comprised of messages with very little content other than a subject line and valid hyperlink. Each hyperlink pointed to a different active profile on one of a number of major social networking environments. The profiles were likely created using random names and automated CAPTCHA-breaking tools. Moreover, the e-mails were sent from valid Webmail hosting providers, which means they were not spoofed, as has been the case in the past for these types of domains.

“As spam levels continue to increase, we are seeing existing attack techniques combine and morph into one” said Paul Wood, MessageLabs Intelligence senior analyst at Symantec. “In 2008 CAPTCHA-breaking, social networking spam and the use of webmail for spamming all became popular tactics. Today, the bad guys are using the three together as a triple threat to heighten the effectiveness of their spamming.”

Also this month, MessageLabs Intelligence revealed that geographic location determines when people receive spam. According to research conducted over a seven day period, analysis highlights that U.S. residents see spam peak between 9 and 10 a.m. local time and a drop overnight while Europeans are more likely to receive a steady stream of spam throughout the workday. Those in the Asia-Pacific region start their day with an inbox full of spam and see less trickling in throughout the day.

“These patterns suggest that spammers are more active during the U.S. working day,” Wood said. “This could be because most active spammers are based in the U.S., according to data from Spamhaus, or because this is when the spammers’ largest target audience is online and likely to respond.”

Image spam continued into May with Russian language “ransom-style” spam, reminiscent of traditional ransom messages constructed from letters cut out of newspapers. The content appears to read like a ransom message and is constructed from Russian characters taken from different font styles, however the subject line itself is unrelated translating into, “how to attract customers.” The use of the Russian language character set has become more popular in recent spam runs where the Russian character set is used to hide the English language content, a spamming technique deployed to avoid content folders.

Finally, in May MessageLabs Intelligence debunked a common misconception that cybercriminals are more likely to use less reputable web sites, like those containing adult content, to hide malware. However, the majority, 84.6 percent, of web site domains blocked in May for hosting malicious content were well-established domains more than a year old. Moreover, the number of new websites harboring malware identified daily declined from 3,561 in April to 1,149 in May supporting the trend that cybercriminals favor the more established domains.

“Spammers using better-known and thus more widely trusted web sites to host malware is reminiscent of the spammers who rely on well-known webmail and social networking environments to host spam content,” Wood said. “The trustworthy older domains can be compromised through SQL injection attacks while newer sites are more likely to be flagged as suspicious -- a temporary site set up with the sole purpose of distributing spam and malware -- and thus faster to get shutdown.”

Other report highlights:

Web security: Analysis of Web security activity shows that 34.2 percent of all web-based malware intercepted was new in May. MessageLabs Intelligence also identified an average of 1,149 new websites per day harboring malware and other potentially unwanted programs such as spyware and adware, a decrease of 67.7 percent since April.

Spam: In May 2009, the global ratio of spam in e-mail traffic from new and previously unknown bad sources was 90.4 percent (1 in 1.11 emails), an increase of 5.1 percent since April.

Viruses: The global ratio of email-borne viruses in email traffic from new and previously unknown bad sources was one in 317.8 e-mails (0.31 percent), a decrease of 0.01 percent since April. In May, 7.0 percent of email-borne malware contained links to malicious sites, a decrease of 6.3 percent since April.

Phishing: One in 279.7 e-mails (0.36 percent) comprised some form of phishing attack, an increase of 0.11 percent in the proportion of phishing attacks compared with April. When judged as a proportion of all email-borne threats such as viruses and Trojans, the number of phishing e-mails had remained unchanged at 89.7 percent of all e-mail-borne malware and phishing threats intercepted in May.

The May 2009 MessageLabs Intelligence Report provides greater detail on all of the trends and figures noted above, as well as more detailed geographical and vertical trends. The full report is available at http://www.messagelabs.com/Threat_Watch/Intelligence_Reports.

Featured

Beyond Apps: Access Control for Today’s Residents

The modern resident lives in an app-saturated world. From banking to grocery delivery, fitness tracking to ridesharing, nearly every service demands another download. But when it comes to accessing the place you live, most people do not want to clutter their phone with yet another app, especially if its only purpose is to open a door. Read Now
- Access Control
Survey: 48 Percent of Worshippers Feel Less Safe Attending In-Person Services

Almost half (48%) of those who attend religious services say they feel less safe attending in-person due to rising acts of violence at places of worship. In fact, 39% report these safety concerns have led them to change how often they attend in-person services, according to new research from Verkada conducted online by The Harris Poll among 1,123 U.S. adults who attend a religious service or event at least once a month. Read Now
- Facility Security
AI Used as Part of Sophisticated Espionage Campaign

A cybersecurity inflection point has been reached in which AI models has become genuinely useful in cybersecurity operation. But to no surprise, they can used for both good works and ill will. Systemic evaluations show cyber capabilities double in six months, and they have been tracking real-world cyberattacks showing how malicious actors were using AI capabilities. These capabilities were predicted and are expected to evolve, but what stood out for researchers was how quickly they have done so, at scale. Read Now
- Artificial Intelligence
Why the Future of Video Security Is Happening Outside the Cloud

For years, the cloud has captivated the physical security industry. And for good reasons. Remote access, elastic scalability and simplified maintenance reshaped how we think about deploying and managing systems. Read Now
- Video Surveillance
UL Solutions Launches Artificial Intelligence Safety Certification Services

UL Solutions Inc., a global leader in safety science, today announced the launch of artificial intelligence (AI) safety certification services, enabling comprehensive assessments for evaluating the safety of AI-powered products. Read Now
- Artificial Intelligence

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

Webinars

Whitepapers

New Products

Automatic Systems V07

Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.
Luma x20

Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.”
A8V MIND

Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area.