Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


07:43 PM
Dark Reading
Dark Reading
Products and Releases

Commtouch Q1 Internet Threats Trend Report Highlights Strong Increase In Spam And Dangerous Email

100 billion spam and 1 billion malware emails daily

MCLEAN, Virginia, May 1, 2013 /PRNewswire/ --

Unwanted and dangerous email increased dramatically in the first quarter of 2013, according to a Q1 Internet Threats Trend Report issued by Commtouch(R)

(NASDAQ: CTCH), a leading provider of Internet security technology and cloud-based services. During the first quarter of 2013, an average of 97.4 billion spam emails and 973 million malware emails were sent worldwide each day.

In March, the number of daily spam emails significantly exceeded the 100 billion mark (117.8 billion).

Spam levels doubled between December 2012 and March 2013, a 98% increase.

Phishing also increased dramatically, with the number of phishing emails swelling to more than 74% in March, compared to the previous December.

The largest increase, however, could be observed with email-borne malware:

levels of emails carrying known malware were 157% higher in March than in December. For virus outbreaks, the increase was a stunning 290%.

The biggest part of this growth occurred in March. Compared to February, spam levels increased by 41%, known malware by 75%, and virus outbreaks by 124%. Only phishing volumes broke the trend, as they only increased by eight percent in March. The current increase is unusual in that historically spam and malware levels rarely correspond. In the past, when one category increased, the other often decreased or at least stagnated. The significance of the first quarter growth is underlined by comparisons with the respective volumes in March 2012: In March 2013, spam levels were 48% higher than the previous year, malware emails were 255% higher, and malware outbreaks were 251% higher. Only phishing levels decreased since March 2012.

Other report highlights:

- Pump and dump spam, also known as penny stock spam, one of the most

popular topics among spammers between 2006 and 2008, made a forceful comeback in Q1

after having all but disappeared in previous years. In March 2013, pump and dump spam

dominated the list of spam topics. Eighteen percent of the top 25 spam emails (with a

combined volume of 46% of all spam) were pump and dump mailings. The trick was

the same as in previous years. The emails advertise cheap shares with very small

trading volumes, indicating there was significant earning potential in them. If only a

few recipients can be fooled into buying the stock, the value will rise significantly

and the spammers who have bought shares at the lower price can cash in.

- In Web security, the first quarter of 2013 saw extensive usage of the

Blackhole exploit kit. The kit is installed on target Web sites allowing the

installation of drive-by malware. The JavaScript on the page scans the visiting system

to determine the versions of popular software. Once the kit has determined that there

is vulnerability, the relevant exploit is loaded, allowing the controller to gain a

foothold on the infected system. The Blackhole controller can then deliver further

malicious content.

- Current news events were extensively used to lure email users to Web sites

infected with malware. Fake email news alerts allegedly coming from CNN or the BBC

exploited breaking news stories, such as the election of the new pope and the

financial crisis in Cyprus. They linked to Web sites carrying the Blackhole exploit


- The United States was the largest source of spam in the first quarter of 2013,

topping the list of spam senders with a share of 9.1 percent of the overall volume.

The United States was followed by Belarus (6.5%), Spain (5.6%), Argentina (5.0%) and

India (4.3%).

"The dramatic rise in the quantity of unwanted and dangerous emails during the first quarter of 2013 shows that email communication is still one of the key attack vectors," said Avi Turiel, director of threat research and market analysis at Commtouch. "Email is still the most popular communication tool for private users and businesses alike, making it an attractive target for cybercriminals. The rise in both emails with malware attachments and drive-by-attacks also indicates that malware distributors don't shift their focus from one attack vector to another. To the contrary, they diversify their attack methods in order to increase the efficiency of their campaigns and in order to bypass some anti-spam and antivirus measures."

The Commtouch Internet Threat Analysis Team regularly publishes related statistics within its report. The quarterly report is compiled based on a comprehensive analysis of billions of daily transactions handled by Commtouch's

GlobalView(TM) Cloud [http://www.commtouch.com/cloud ].

To view the Commtouch Q1 Internet Threats Trend Report, visit:


About Commtouch

Commtouch(R) (NASDAQ: CTCH) is a leading provider of Internet security technology and cloud-based services for vendors and service providers, increasing the value and profitability of our customer's solutions by protecting billions of Internet transactions on a daily basis. With 12 global data centers and award-winning, patented technology, Commtouch's email, Web, and antivirus capabilities easily integrate into our customers' products and solutions, keeping safe more than 350 million end users. To learn more, visit http://www.commtouch.com.


Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/3/2020
Pen Testers Who Got Arrested Doing Their Jobs Tell All
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/5/2020
Researcher Finds New Office Macro Attacks for MacOS
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/7/2020
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-08-10
A function in Combodo iTop contains a vulnerability of Broken Access Control, which allows unauthorized attacker to inject command and disclose system information.
PUBLISHED: 2020-08-10
Combodo iTop does not validate inputted parameters, attackers can inject malicious commands and launch XSS attack.
PUBLISHED: 2020-08-10
Combodo iTop contains a stored Cross-site Scripting vulnerability, which can be attacked by uploading file with malicious script.
PUBLISHED: 2020-08-10
A security misconfiguration exists in Combodo iTop, which can expose sensitive information.
PUBLISHED: 2020-08-10
Combodo iTop contains a cross-site request forgery (CSRF) vulnerability, attackers can execute specific commands via malicious site request forgery.