Spam Reaches All-Time High of 95% of All Email, Commtouch Reports.Among Greatest Threats: "Safe" appearing emails hyperlinked to malicious web sites SUNNYVALE, Calif. -- Commtouch[R] (Nasdaq: CTCH CTCH Common Traffic Channel ) today released its Email Threats Trend Report for the third quarter of 2007, based on the automated analysis of billions of email messages weekly. The report examines the appearance of new kinds of attachment spam such as PDF spam Using a PDF attachment in a spam message to fool the anti-spam detection methods. Spam originated with ordinary text, which can be easily scanned. Image spam came next, making it more difficult to detect; however, spam filters learned to recognize image spam patterns. and Excel spam together with the decline of image spam An e-mail advertisement in the form of an image in the message rather than text in order to avoid detection as spam. Spam filters typically analyze words in a message, which is relatively fast, but scanning images with optical character recognition (OCR) to extract the text is slow. , as well as the growing threat of innocent appearing spam containing links to malicious web sites. Highlights of the report include: * Global spam levels reached an all-time high of 95% of all emails at its peak during the quarter. * Blended threat Using several techniques to attack a computer system or network. After all, why adopt just one method when viruses, worms, Trojans and software vulnerabilities used in clever combinations can help to ensure that more systems are compromised and more people are harmed? See virus, worm, messages -- or spam messages with links to malicious URLs -- accounted for up to 8% of all global email traffic during the peaks of various attacks during the quarter. * One massive outbreak mid-quarter utilized over 11,000 dynamic zombie A computer that has been covertly taken over in order to perform some nefarious task. It is estimated that millions of PCs around the world have been compromised and, under the control of a third party, routinely transmit messages unbeknownst to the user. IP addresses to host malicious web sites. Leading zombie locations included the United States United States, officially United States of America, republic (2005 est. pop. 295,734,000), 3,539,227 sq mi (9,166,598 sq km), North America. The United States is the world's third largest country in population and the fourth largest country in area. (36%) and Russia (8%). * Image spam declined to a level of less than 5% of all spam, down from 30% in the first quarter of 2007; also, image pump-and-dump spam has all but disappeared, with pornographic images taking its place. * PDF Spam represented 10-15% of all spam in early July and then dropped significantly, however a steady stream of PDF spam is still being maintained at 3-5% of all spam messages. * Pharmaceuticals and sexual enhancers were the most popular spam topics, at 30% and 23%, respectively. Blended Threats: Spam with Malware Hyperlinks Inside One technique which reached a new high during the quarter was innocent-appearing spam messages that contained hyperlinks to malware-sites. This type of spam utilizes vast zombie botnets to launch 'drive-by downloads' and evade detection by most anti-virus engines. Several blended spam attacks of this type focused on leisure-time activities, such as sports and video games See video game console. . Messages invited consumers to download "fun" software such as NFL NFL abbr. National Football League NFL (US) n abbr (= National Football League) → Fußball-Nationalliga game-tracking and video games from what appeared to be legitimate websites. Instead, consumers voluntarily downloaded malware onto their computers. "Blended spam demonstrates the ingenuity of spammers to attempt to evade detection," said Amir Lev lev-, pref See levo-. , Commtouch President and CTO (Chief Technical Officer) The executive responsible for the technical direction of an organization. See CIO and salary survey. . "Most anti-virus and anti-spam technologies are not capable of blocking these types of messages, so the malware threats are allowed to penetrate the users' computers." New Spam Tricks Spammers experimented with several new techniques to slip past anti-spam engines and into inboxes throughout the quarter. For example, they disguised messages in PDF (Portable Document Format) The de facto standard for document publishing from Adobe. On the Web, there are countless brochures, data sheets, white papers and technical manuals in the PDF format. , Excel, and other popular file formats. This simple trick fools many anti-spam technologies and end users alike, whose guards may be down when they see the popular file attachment ending. "Spammers and malware distributors are the ultimate in test marketers," Lev continued. "They keep trying different techniques to bypass spam filters and ensure that their messages have high response rates. In the future, I expect to see other file formats such as Word and Powerpoint used for a similar purpose." More details, including samples of PDF spam and spam messages containing malware, are presented in the Commtouch Q3 2007 Email Threats Trends Report, available from Commtouch Labs at: http://www.commtouch.com/downloads/Commtouch_2007_Q3_Email_Threats.pdf Commtouch Recurrent Pattern Detection Technology Defends Inboxes Commtouch's Recurrent Pattern Detection[TM] (RPD RPD Rapid RPD Radiation Protection Dosimetry RPD Rapid Product Development RPD Rochester Police Department RPD Recurrent Pattern Detection (Commtouch anti-spam engine) RPD Relative Percent Difference RPD Removable Partial Denture ) technology protects against spam and virus attacks in real-time as they are mass-distributed over the Internet. The unique content-agnostic technology detects and blocks spam in any language and is highly effective against various types of attachment spam and blended spam/malware threats. Commtouch's GlobalView[TM] Reputation Service dynamically blocks spam at the network perimeter based on the reputation of the sender. About Commtouch Commtouch Software Ltd. (NASDAQ: CTCH) is dedicated to protecting and preserving the integrity of the world's most important communications tool -- e-mail. Commtouch has over 16 years of experience developing messaging software and is a global developer and provider of proprietary anti-spam, Zero-Hour[TM] virus protection and Reputation Service solutions. Using core technologies including RPD (Recurrent Pattern Detection), the Commtouch Detection Center analyzes billions of email messages per week to identify new spam and malware outbreaks within minutes of their introduction into the Internet. Integrated by scores of OEM (Original Equipment Manufacturer) The rebranding of equipment and selling it. The term initially referred to the company that made the products (the "original" manufacturer), but eventually became widely used to refer to the organization that buys the products and partners, Commtouch technology protects thousands of organizations, with hundreds of millions of users in over 100 countries. Commtouch is headquartered in Netanya, Israel, and has a subsidiary in Sunnyvale, Calif. For more information, see: http://www.commtouch.com. The site includes the Commtouch online lab detailing spam statistics and charts. Recurrent Pattern Detection, RPD, Zero-Hour and GlobalView are trademarks, and Commtouch is a registered trademark, of Commtouch Software Ltd. U.S. Patent No. 6,330,590 is owned by Commtouch. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion