Risk
2/12/2013
01:06 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

U.S. Is Spam World Champion

One in 60 e-mails contained malware in January

Berlin, February 12, 2013 - It has been two years since Rustock, the world's biggest spam botnet, was shut down and in January 2013 the US was back at the top of the list of spam-generating countries. This is the lead story in the Eleven E-mail Security Report February 2013, which Eleven has released today. With a 10.6 percent share of the total spam volume in the German-speaking region, the US held the top spot, followed by India (6.9 percent), and Romania (6.6 percent), which was the leader in October and November 2012. Good news for Germany: with a 2.3 percent share at No. 13, German IP addresses were no longer in the top ten. Geographically, the distribution of the 10 biggest spammers was comparatively spread out in January 2013: four came from Asia, three from (Eastern) Europe, two from South America, and one from North America. All of the Western European countries have disappeared from the list.

Other important trends at a glance:

- The spam volume plunged in December and January. In December, it dropped by 40.9 percent and in January, by another 15.8 percent. The decline is in line with the trend of previous years: in both 2010/2011 and 2011/2012, the volume of spam dropped sharply at the end of the year.

- The phishing volume rose dramatically in January: the number of e-mails tagged as phishing jumped by 72.4 percent from December to January.

- Virus e-mails also rose in that period. The volume of known and new malware grew by 27% in January. Together, their share of the total e-mail volume reached 1.6 percent. This means that one in every sixty e-mails was transporting malware in January.

- The majority of spam, phishing, and malware campaigns are now country specific. For example, of all the e-mails sent to German recipients, the largest spam and malware waves, and the third-largest phishing wave were all written in German. Several German-language spam waves were also in the top ten.

- The share of spam in the total e-mail volume was 60% in January 2013. In November 2012, the share was 73.9 percent.

- The "classic" spam themes are trending downwards - for example, the share of casino spam, still the most popular spam theme, fell from 34.8 percent to 22.9 percent between November 2012 and January 2013. Pharma spam rose slightly from a record low of 7.9 percent to 12.9 percent. Fake luxury products remained at 4.4 percent. The "winner": dating spam at 18.6 percent.

- At the same time, the range of spam themes has clearly broadened. In January, 39% of the themes were classified as "other", while this number was 21.6 percent in November. One large spam campaign was launched in the name of a technical Web site for strawberry cultivation, for example.

For the complete Eleven E-mail Security Report, visit the Eleven Web site at www.eleven.de/eleven-security-reports.html.

Eleven security blog: www.eleven-securityblog.de

Eleven on Twitter: www.twitter.com/elevensecurity

Eleven E-mail Security Report

Six times a year, the Eleven E-mail Security Report summarizes current statistics and trends with regard to spam and malware. The Eleven research team analyzes the spam and virus e-mails checked by Eleven Managed E-mail Security Services and then compiles and interprets the results. Eleven checks over one billion e-mails every day, and has more than 45,000 installations worldwide.

Eleven - E-mail Security Made in Germany

The leading e-mail security provider from Germany, Eleven uses one-of-a-kind, proprietary eXpurgate technology. The company offers a spam filter and e-mail categorization service that reliably protects customers against spam and phishing e-mails, detects potentially dangerous e-mails, and is also able to differentiate between individual messages and all types of bulk e-mails. eXpurgate also provides a wide range of virus protection options and a high-performance e-mail fire wall.

Worldwide, over 45,000 companies of all sizes use the eXpurgate service. eXpurgate checks and categorizes more than one billion e-mails every day. In addition to Internet service providers and telecommunication service providers such as T-Online, O2, 1&1, and freenet, the list of Eleven customers includes numerous high-profile companies and public institutions such as Air Berlin, BMW, the Federal Association of German Banks, DATEV, Free University Berlin, Landesbank Berlin, RTL, SAP, ThyssenKrupp, and Tobit Software AG. More information at www.eleven.de.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6117
Published: 2014-07-11
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.

CVE-2014-0174
Published: 2014-07-11
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

CVE-2014-3485
Published: 2014-07-11
The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

CVE-2014-3499
Published: 2014-07-11
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

CVE-2014-3503
Published: 2014-07-11
Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.