Commtouch Releases Q2 Virus and Spam Statistics: Image Spam Causes Bandwidth Bloat; Also, Multi-Variant Viruses Elude Most Anti-Virus Solutions.MOUNTAIN VIEW, Calif. -- Attacks of image-based spam intensified in the second quarter of 2006, comprising 30 per cent of global spam on a single day, Commtouch (NASDAQ NASDAQ in full National Association of Securities Dealers Automated Quotations U.S. market for over-the-counter securities. Established in 1971 by the National Association of Securities Dealers (NASD), NASDAQ is an automated quotation system that reports on :CTCH CTCH Common Traffic Channel ) reports. On days when image-based spam achieves such a distribution peak, the global bandwidth and storage consumed by spam grows by more than 70 per cent. "Image-based spam may quickly cause IT resource overload if not dealt with properly," said Dan Yachin, Research Director EMEA (Europe, Middle East, Africa) Refers to that region of the world. For example, one might see products packaged differently for the UK, EMEA and Asia Pacific markets. Emerging Technologies at IDC, a leading analyst firm. "While textual spam messages cause loss of productivity, image spam An e-mail advertisement in the form of an image in the message rather than text in order to avoid detection as spam. Spam filters typically analyze words in a message, which is relatively fast, but scanning images with optical character recognition (OCR) to extract the text is slow. messages that are three times their size are a whole different ball game, causing a real bandwidth and storage crisis." The cost of storage becomes a crucial factor for large organizations that save all of their email, especially in the age of the Sarbanes-Oxley Act See SOX. and HIPAA (Health Insurance Portability & Accountability Act of 1996, Public Law 104-191) Also known as the "Kennedy-Kassebaum Act," this U.S. law protects employees' health insurance coverage when they change or lose their jobs (Title I) and provides standards for patient health, compliance. For companies that do not block image-based spam at the perimeter, these bloated messages are often archived along with legitimate business email. Image-based spam weighs in at an average of 18 KB, more than three times the size of standard spam which averages 5.5 KB. Image Spam Distribution: Comprising 30% of Global Spam Image-based spam is a relatively new phenomenon, which commenced in the third quarter of 2005. It consists of images only, each of which contains tiny randomized ran·dom·ize tr.v. ran·dom·ized, ran·dom·iz·ing, ran·dom·iz·es To make random in arrangement, especially in order to control the variables in an experiment. changes to fool most anti-spam filters; in addition, since these email messages contain no text or URL URL in full Uniform Resource Locator Address of a resource on the Internet. The resource can be any type of file stored on a server, such as a Web page, a text file, a graphics file, or an application program. hyperlinks, they are a challenge for many anti-spam engines to block. Commtouch was one of the first vendors to publicize pub·li·cize tr.v. pub·li·cized, pub·li·ciz·ing, pub·li·ciz·es To give publicity to. publicize or -cise Verb [-cizing, -cized] a solution for blocking image-based spam, known as "Image Spam Defense." Commtouch's Recurrent Pattern Detection(TM) technology blocks spam without regard to the content of the message. During the last half of Q2, image-based spam reached distribution peaks around every two weeks, and diminished to just a fraction of a percent of global spam during the troughs in between. For example, on May 29, image-based spam was 30% of all global spam, and on June 3 it was a negligible percent of global spam. Commtouch calculated the following percentages of increased bandwidth and storage necessary for spam, for the three latest image-spam peaks in Q2:
Date Image Spam as Estimated
percent of Bandwidth
Global Spam and Storage
Increase
------------------- ------------------- ---------------
May 29, 2006 30% 70%
------------------- ------------------- ---------------
June 10, 2006 22% 50%
------------------- ------------------- ---------------
June 24, 2006 15% 35%
------------------- ------------------- ---------------
While the majority of image-based spam deals with US-based penny stocks Inexpensive issues of stock, typically selling at less than $1 a share, in companies that often are newly formed or involved in highly speculative ventures. Penny stocks are usually available for sale over-the-counter, that is, among brokers and customers themselves, as in traditional "pump-and-dump" scams, the messages are distributed from all over the world by vast "zombie A computer that has been covertly taken over in order to perform some nefarious task. It is estimated that millions of PCs around the world have been compromised and, under the control of a third party, routinely transmit messages unbeknownst to the user. " networks. Zombies Zombies Companies that continue to operate even though they are insolvent. Also known as living dead. Notes: It's advisable to avoid investing in zombies at all costs their life expectancies are highly unpredictable. or botnets are typically home computers that have unknowingly been hijacked for the use of spammers. End-users may not be aware that their computer is being used as a pawn in the spam war, since the zombie only activates itself at times when the user is not operating the computer. Spam-sending zombie software can install itself on a computer when a user clicks a hyperlink in a spam email, or opens a malicious email attachment See e-mail attachment. . "Our customers are pleased with Commtouch's Image Spam Defense, which is integrated into our Mailstream Manager," said Bernard Fraenkel, VP Engineering at Sendmail, a Commtouch OEM (Original Equipment Manufacturer) The rebranding of equipment and selling it. The term initially referred to the company that made the products (the "original" manufacturer), but eventually became widely used to refer to the organization that buys the products and partner. "While other companies' employees complain about their inboxes overflowing with heavy, annoying stock scams, our customers' users are not even aware that an image-based spam attack took place." Virus Trends: Rapid Attacks of Multiple Virus Variants While the first quarter of 2006 was characterized by wave after wave of high intensity, massive email borne virus attacks, the second quarter reflected a different pattern: rapid attacks of multiple variations of the same virus. Commtouch analysis has revealed that during Q2, email malware writers have been distributing a growing number of variants for each virus outbreak, all within a very short period of time. Such a distribution pattern of multiple versions of the same virus family ensures maximum evasion of signature-based or traditional anti-virus engines. "Traditional AV solutions are powerless to catch every variant of every virus family," said Amir Lev lev-, pref See levo-. , CTO (Chief Technical Officer) The executive responsible for the technical direction of an organization. See CIO and salary survey. of Commtouch. "Even if they catch the majority of viruses, some hazardous variations can still penetrate if they do not exactly match the heuristic rules set up to catch that virus family." Commtouch's approach complements traditional, signature-based anti-virus technology, and differs thoroughly in its method for blocking viruses. Rather than trying to detect viral signatures, Commtouch's RPD RPD Rapid RPD Radiation Protection Dosimetry RPD Rapid Product Development RPD Rochester Police Department RPD Recurrent Pattern Detection (Commtouch anti-spam engine) RPD Relative Percent Difference RPD Removable Partial Denture technology blocks viruses almost immediately after they are distributed, based on identifying their distribution patterns. Commtouch's Zero Hour(TM) Virus Protection OEM solution has been adopted and implemented by leading AV vendors, including F-Secure, Mirapoint, Tumbleweed tumbleweed, any of several plants, particularly abundant in prairie and steppe regions, that commonly break from their roots at maturity and, drying into a rounded tangle of light, stiff branches, roll before the wind, covering long distances and scattering seed as , G-Data, and AhnLab in Korea. To download a chart comparing the times various traditional AV vendors caught particular virus variants, see www.commtouch.com/viruscharts/June2006. Q2 2006: Major Spam Categories & Countries Based on Commtouch's ongoing analysis of billions of spam messages per month, at the end of the second quarter, the major categories of spam were:
Spam Category Percent of all
global spam
------------------- ---------------
Pharmaceuticals 32%
------------------- ---------------
Gifts 21%
------------------- ---------------
Finance/Mortgage 11%
------------------- ---------------
Pornography 9%
------------------- ---------------
Enhancers 7%
------------------- ---------------
Leading countries for spam-origination were:
Country Percentage of
spam
originating
-------------------- --------------
United States 43.09%
-------------------- --------------
China 10.17%
-------------------- --------------
Republic of Korea 3.83%
-------------------- --------------
Germany 3.49%
-------------------- --------------
Japan 3.10%
-------------------- --------------
Commtouch publishes regular spam and virus trend reports based on email distribution patterns gleaned from its global Detection Centers' analysis of over 2 billion messages per month. About Commtouch Commtouch Software Ltd. (NASDAQ:CTCH) is dedicated to protecting and preserving the integrity of the world's most important communications tool -- email. Commtouch has over 15 years of experience developing messaging software and is a global developer and provider of proprietary anti-spam and Zero-Hour virus protection solutions. Using core technologies including RPD (Recurrent Pattern Detection(TM)), the Commtouch Detection Center analyzes billions of email messages per month to identify new spam and malware outbreaks within minutes of their introduction into the Internet. Integrated by more than 40 OEM partners, Commtouch technology protects thousands of organizations, with over 35 million users in over 100 countries. Commtouch is headquartered in Netanya, Israel, and has a subsidiary in Mountain View, CA. For more information, see: www.commtouch.com, including the Commtouch online lab detailing spam statistics and charts. About Sendmail Sendmail, Inc. is a global provider of enterprise solutions for secure, dependable, and compliant messaging. Sendmail solutions help organizations eliminate unwanted messages, effectively manage their mail stream, and address regulatory compliance and corporate governance Corporate Governance The relationship between all the stakeholders in a company. This includes the shareholders, directors, and management of a company, as defined by the corporate charter, bylaws, formal policy, and rule of law. requirements. Customers across 33 countries and the majority of the Fortune 1000, rely on Sendmail for their end-to-end email security and infrastructure needs: gateway security, secure routing, policy management, internal and outbound mail management, quarantine quarantine (kwŏr`əntēn), isolation of persons, animals, places, and effects that carry or are suspected of harboring communicable disease. , and email access and storage. Sendmail is headquartered in Emeryville, CA, with offices and distributors in Europe, Asia, North and South America South America, fourth largest continent (1991 est. pop. 299,150,000), c.6,880,000 sq mi (17,819,000 sq km), the southern of the two continents of the Western Hemisphere. . Visit www.sendmail.com or call 1-87-SENDMAIL. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion