Advanced Threat Intelligence Finds Notable Rise in Email Threats May 4, 2006; 08:42 AM Scotts Valley, Calif. – SurfControl (LSE: SRF), the
global leader in Internet protection, has released their findings on
growing threats to email security. Using SurfControl’s Adaptive Threat
Intelligence (ATI), SurfControl’s Global Threat Experts have compiled
threat trend data for the first quarter of 2006.
In the first quarter of 2006, threat experts found that product and
services-related spam has shown consistent growth of 16 percent month
over month. The increase is partly attributable to Russian and Chinese
coverage, where spam can be more generic, such as training courses,
shopping and forum sites. This double-digit growth was also seen with
phishing and fraud spam attacks.
Additionally, there was a significant rise in the amount of
pharmaceutical and finance-related spam, together representing 80
percent of spam volume. Stock tip embedded spam is still the most
prevalent type of spam, claiming 40 percent of all financial spam, with
1,200,000 instances discovered in March 2006 alone. Embedded spam is
defined as when the entire message is contained within a graphic, and
has no extraneous text.
New spammer techniques used to avoid reputation-type services also are noteworthy:
1. Spammers increased the use of free redirection services to score
legitimate points against domain reputation technology. Common
redirectors are Google.com.
2. In South America, and other regions, free hosts, such as AOL,
are being used by spammers to host popular malicious executables and
keyloggers.
3. SurfControl also found an increase in remote foreign domain
extensions, such as .cc, .sh, .in. Using these extensions increases
potential vulnerabilities because all iterations of these domains may
not be immediately or easily available globally in WHOIS directories.
Ahead of the Game
The SurfControl Adaptive Threat Intelligence service combines 24/7
research and analysis from the company’s global team of threat
detection experts with advanced AI technologies and the world’s most
comprehensive threat databases. Signatures are constantly added by
category to the Anti-Spam Agent Digital Fingerprints Database and new
Heuristic rules are created. In addition, all URLs used in spam and
phishing attacks are added to the appropriate categories, including
Spam URLs and Phishing & Fraud in SurfControl’s Internet Threat
Database that is the critical back-end to the SurfControl Enterprise
Protection Suite.
Analysis was done on hundreds of thousands of spam signature profiles
from SurfControl’s proprietary Digital Fingerprint Database. These
signatures represent several hundred million spam attacks globally.
|