Risk
5/27/2009
02:24 PM
Keith Ferrell
Commentary

Spam Surge: 9 Out Of 10 E-mails Can't Be Good!

90% of all email was spam last month, according to Symantec's MessageLabs Intelligence Report, just released. The figure is up more than 5% in the last month. Good news, I guess, is that things can't get much more than 10% worse from here.

The new MessageLabs Intelligence Report quantifies a number of trends, measured in April traffic, that give some insight into how the spammers are coming at us:

Spam runs on U.S. time: Spam levels peak in the U.S. between 9am and 10am, local. MessageLabs' conclusion is that either the most active spammers are based in the U.S., or that that first full hour of the workday is when recipients are likeliest to respond. My guess -- and it is a guess -- is that it's the latter; people settling in to work may be easier marks while the first cup of coffee is still warm than later in the day when they're preoccupied with other (one hopes more work-related) demands.

CAPTCHA can't catch 'em: The number of effective CAPTCHA-cracking tools is letting the spammers get around the random letter/number tests designed to keep spammers from getting around them; hence, the sharp increase in the number of phony social network and webmail accounts the spammers are creating. The report suggests that new, tougher CAPTCHA-esque technology on the horizon is driving spammers to CAPTCHA while the CAPTCHA-ing is good.

Botnets are the base: Close to 60% of spam was botnet-generated, with the three most active bots accounting for more than a third of spam.

Social nets net spam: No news here that social networks and free mail services are prime targets for address harvesting and malicious link distribution.

As I said at the outset, the spam situation, statistically, can't get much worse.

But of course it doesn't have to.

The complete MessageLabs Intelligence Report for May 2009 can be downloaded here.
