Risk
2/12/2013
01:06 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

U.S. Is Spam World Champion

One in 60 e-mails contained malware in January

Berlin, February 12, 2013 - It has been two years since Rustock, the world's biggest spam botnet, was shut down and in January 2013 the US was back at the top of the list of spam-generating countries. This is the lead story in the Eleven E-mail Security Report February 2013, which Eleven has released today. With a 10.6 percent share of the total spam volume in the German-speaking region, the US held the top spot, followed by India (6.9 percent), and Romania (6.6 percent), which was the leader in October and November 2012. Good news for Germany: with a 2.3 percent share at No. 13, German IP addresses were no longer in the top ten. Geographically, the distribution of the 10 biggest spammers was comparatively spread out in January 2013: four came from Asia, three from (Eastern) Europe, two from South America, and one from North America. All of the Western European countries have disappeared from the list.

Other important trends at a glance:

- The spam volume plunged in December and January. In December, it dropped by 40.9 percent and in January, by another 15.8 percent. The decline is in line with the trend of previous years: in both 2010/2011 and 2011/2012, the volume of spam dropped sharply at the end of the year.

- The phishing volume rose dramatically in January: the number of e-mails tagged as phishing jumped by 72.4 percent from December to January.

- Virus e-mails also rose in that period. The volume of known and new malware grew by 27% in January. Together, their share of the total e-mail volume reached 1.6 percent. This means that one in every sixty e-mails was transporting malware in January.

- The majority of spam, phishing, and malware campaigns are now country specific. For example, of all the e-mails sent to German recipients, the largest spam and malware waves, and the third-largest phishing wave were all written in German. Several German-language spam waves were also in the top ten.

- The share of spam in the total e-mail volume was 60% in January 2013. In November 2012, the share was 73.9 percent.

- The "classic" spam themes are trending downwards - for example, the share of casino spam, still the most popular spam theme, fell from 34.8 percent to 22.9 percent between November 2012 and January 2013. Pharma spam rose slightly from a record low of 7.9 percent to 12.9 percent. Fake luxury products remained at 4.4 percent. The "winner": dating spam at 18.6 percent.

- At the same time, the range of spam themes has clearly broadened. In January, 39% of the themes were classified as "other", while this number was 21.6 percent in November. One large spam campaign was launched in the name of a technical Web site for strawberry cultivation, for example.

For the complete Eleven E-mail Security Report, visit the Eleven Web site at www.eleven.de/eleven-security-reports.html.

Eleven security blog: www.eleven-securityblog.de

Eleven on Twitter: www.twitter.com/elevensecurity

Eleven E-mail Security Report

Six times a year, the Eleven E-mail Security Report summarizes current statistics and trends with regard to spam and malware. The Eleven research team analyzes the spam and virus e-mails checked by Eleven Managed E-mail Security Services and then compiles and interprets the results. Eleven checks over one billion e-mails every day, and has more than 45,000 installations worldwide.

Eleven - E-mail Security Made in Germany

The leading e-mail security provider from Germany, Eleven uses one-of-a-kind, proprietary eXpurgate technology. The company offers a spam filter and e-mail categorization service that reliably protects customers against spam and phishing e-mails, detects potentially dangerous e-mails, and is also able to differentiate between individual messages and all types of bulk e-mails. eXpurgate also provides a wide range of virus protection options and a high-performance e-mail fire wall.

Worldwide, over 45,000 companies of all sizes use the eXpurgate service. eXpurgate checks and categorizes more than one billion e-mails every day. In addition to Internet service providers and telecommunication service providers such as T-Online, O2, 1&1, and freenet, the list of Eleven customers includes numerous high-profile companies and public institutions such as Air Berlin, BMW, the Federal Association of German Banks, DATEV, Free University Berlin, Landesbank Berlin, RTL, SAP, ThyssenKrupp, and Tobit Software AG. More information at www.eleven.de.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-4440
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

CVE-2013-4442
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.

CVE-2013-7401
Published: 2014-12-19
The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method.

CVE-2014-2026
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter.

CVE-2014-2716
Published: 2014-12-19
Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System (RTLS) Controller 6.0.5-FINAL, and Activator 3 reuses the RC4 cipher stream, which makes it easier for remote attackers to obtain plaintext messages via an XOR operation on two ciphertexts.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.