Risk
2/12/2013
01:06 PM
Dark Reading
Products and Releases

U.S. Is Spam World Champion

One in 60 e-mails contained malware in January

Berlin, February 12, 2013 - It has been two years since Rustock, the world's biggest spam botnet, was shut down, and in January 2013 the US was back at the top of the list of spam-generating countries. This is the lead story in the Eleven E-mail Security Report February 2013, which Eleven has released today. With a 10.6 percent share of the total spam volume in the German-speaking region, the US held the top spot, followed by India (6.9 percent) and Romania (6.6 percent), which was the leader in October and November 2012. Good news for Germany: with a 2.3 percent share at No. 13, German IP addresses were no longer in the top ten. Geographically, the distribution of the 10 biggest spammers was comparatively spread out in January 2013: four came from Asia, three from (Eastern) Europe, two from South America, and one from North America. All of the Western European countries have disappeared from the list.

Other important trends at a glance:

- The spam volume plunged in December and January. In December, it dropped by 40.9 percent and in January, by another 15.8 percent. The decline is in line with the trend of previous years: in both 2010/2011 and 2011/2012, the volume of spam dropped sharply at the end of the year.

- The phishing volume rose dramatically in January: the number of e-mails tagged as phishing jumped by 72.4 percent from December to January.

- Virus e-mails also rose in that period. The volume of known and new malware grew by 27 percent in January. Together, their share of the total e-mail volume reached 1.6 percent. This means that one in every sixty e-mails was transporting malware in January.

- The majority of spam, phishing, and malware campaigns are now country specific. For example, of all the e-mails sent to German recipients, the largest spam and malware waves and the third-largest phishing wave were all written in German. Several German-language spam waves were also in the top ten.

- The share of spam in the total e-mail volume was 60 percent in January 2013. In November 2012, the share was 73.9 percent.

- The "classic" spam themes are trending downwards - for example, the share of casino spam, still the most popular spam theme, fell from 34.8 percent to 22.9 percent between November 2012 and January 2013. Pharma spam rose slightly from a record low of 7.9 percent to 12.9 percent. Fake luxury products remained at 4.4 percent. The "winner": dating spam at 18.6 percent.

- At the same time, the range of spam themes has clearly broadened. In January, 39 percent of the themes were classified as "other", while this number was 21.6 percent in November. One large spam campaign was launched in the name of a technical Web site for strawberry cultivation, for example.

For the complete Eleven E-mail Security Report, visit the Eleven Web site at www.eleven.de/eleven-security-reports.html.

Eleven security blog: www.eleven-securityblog.de

Eleven on Twitter: www.twitter.com/elevensecurity

Eleven E-mail Security Report

Six times a year, the Eleven E-mail Security Report summarizes current statistics and trends with regard to spam and malware. The Eleven research team analyzes the spam and virus e-mails checked by Eleven Managed E-mail Security Services and then compiles and interprets the results. Eleven checks over one billion e-mails every day, and has more than 45,000 installations worldwide.

Eleven - E-mail Security Made in Germany

The leading e-mail security provider from Germany, Eleven uses one-of-a-kind, proprietary eXpurgate technology. The company offers a spam filter and e-mail categorization service that reliably protects customers against spam and phishing e-mails, detects potentially dangerous e-mails, and is also able to differentiate between individual messages and all types of bulk e-mails. eXpurgate also provides a wide range of virus protection options and a high-performance e-mail firewall.

Worldwide, over 45,000 companies of all sizes use the eXpurgate service. eXpurgate checks and categorizes more than one billion e-mails every day. In addition to Internet service providers and telecommunication service providers such as T-Online, O2, 1&1, and freenet, the list of Eleven customers includes numerous high-profile companies and public institutions such as Air Berlin, BMW, the Federal Association of German Banks, DATEV, Free University Berlin, Landesbank Berlin, RTL, SAP, ThyssenKrupp, and Tobit Software AG. More information at www.eleven.de.
