IT Today Catalog Auerbach Publications ITKnowledgebase IT Today Archives infosectoday.com Book Proposal Guidelines IT Today Catalog Auerbach Publications ITKnowledgebase IT Today Archives infosectoday.com Book Proposal Guidelines
Auerbach Publications

IT Performance Improvement

Management

Security

Networking and Telecommunications

Software Engineering

Project Management

Database

Free Subscription to IT Today





Powered by VerticalResponse

 
Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes, Second Edition
Computer Forensics: Evidence Collection and Management
Wireless Crime and Forensic Investigation
Data Protection: Governance, Risk Management, and Compliance
IT Auditing and Sarbanes-Oxley Compliance: Key Strategies for Business Improvement
How to Achieve 27001 Certification: An Example of Applied Compliance Management
Complete Guide to Security and Privacy Metrics: Measuring Regulatory Compliance, Operational Resilience, and ROI

Cybercriminals Increase Effectiveness with Multi-stage Attacks

Fraud and Spam Activity Combines Messaging, the Web, and Social Engineering to Increase Success Rates

July 14, 2010 -- Commtouch today released its Internet Threats Trend Report for Q2 2010 and video highlights from the report.

Cybercriminals have been increasing the effectiveness of their individual outreach by creating multi-stage, also known as blended, attacks, which combine messaging and Web elements. They use email or search engine results to lure victims to sites hosting spam advertising, malware, or phishing. The Q2 report analyzes the many methods fraudsters, malware distributors and spammers use to inspire their victims to action, such as leveraging trusted brands like Apple and Google; holidays, such as Mother's Day; or current events, for example, the Football World Cup.

During Q2, Gmail and Yahoo kept the top spots as far as spoofed domains for email distribution, but they have been joined in the top six by Twitter. The Twitter domain was faked in a widespread mailing designed to lure users to a "password reset" Web page that contained malware.

Commtouch's quarterly trend report is based on the analysis of more than two billion email messages daily, as well as the GlobalView URL database, within the company's cloud-based GlobalView Network.

Other highlights from the Q2 Trend Report include:

  • Spam levels averaged 82% of all email traffic throughout the quarter, bottoming out at 71% at the start of May and peaking at nearly 92% near the end of June. These numbers are slightly lower than those detected in Q1 and equate to an average of 179 billion spam messages per day.
  • Pharmacy spam retained the top spot with 64 percent of all spam.
  • An average of 307,000 zombies were activated daily to inflict malicious activity, representing a slight increase over the prior quarter.
  • India, 13 percent of the world's total, has surpassed Brazil for the title of the country with the most zombies.
  • TDSS.17 was the most widely distributed email-borne virus, but the Mal/Bredo malware had the most variants - over 1800. This is more than double the variants of Q1.
  • Pornography remains the Web site category most infected with malware.
  • In the Web 2.0 sphere of user-generated content, streaming media/downloads is the most popular topic for blog creators.

"Cybercriminals have been forced to change their techniques to evade improved detection technology," said Asaf Greiner, Commtouch vice president, products. "Complex multi-stage attacks with improved social engineering are proving to be the preferred technique."

© Copyright 2010 Auerbach Publications