Products & Releases

Report: Malware Delivery Technique Focus On HTML Attachments

Standard brands used to spread malware, according to Commtouch's third quarter Internet Threats Trend Report
Sunnyvale, Calif. October 18, 2010 Use of malicious HTML email attachments increased significantly in the third quarter, Commtouch' (Nasdaq: CTCH) reported today in its third quarter Internet Threats Trend Report. The HTML attachments displayed phishing pages on the users local computer or redirected users to sites hosting malware or spam products.

The Q3 report examines the methodology within blended attacks, such as the Here You Have worm, which spread widely in September using Outlook contact lists from infected PCs. Both Here You Have and numerous fake LinkedIn invitations relied on a combination of social engineering and masked hyperlinks to lead users to websites with malware scripts.

During Q3, the PayPal, LinkedIn, CraigsList, Bell Canada, NewEgg and Amazon brands were used by spammers to inspire action by consumers. The report also features the unusual bedfellows of a pharmacy spam campaign based on solidarity with several European politicians and celebrities.

Commtouchs quarterly trend report reflects the results of its analysis of billions of Internet transactions daily within the companys cloud-based GlobalView Network. With the acquisition of the Command Antivirus division of Authentium (now known as SafeCentral), Commtouch also has added the malware analysis capabilities of the Command AV labs.

Other highlights from the Q3 Trend Report include:

* Spam levels averaged 88% of all email traffic throughout the quarter, peaking at over 95% in mid-September with 198 billion spam/phishing messages per day. By comparison, Q2 spam levels averaged 80% of all email, with 179 billion spam/phishing messages per day.

* Approximately 339,000 zombies were activated daily, almost 30,000 more per day than in the previous quarter.

* The most popular spam topic this quarter was pharmacy (59% of all spam).

* For the third quarter running, pornography/sexually explicit material is the website category most likely to include malware.

* India keeps its title for the second quarter in a row as the country with the most zombies 14% of all zombies worldwide.

* Streaming media/downloads continues to be the most popular topic for blog creators in the Web 2.0 sphere of user-generated content.

The increased use of HTML attachments shows how prominent the multi-stage attack vector has become, said Asaf Greiner, Commtouch vice president, products. The blended nature of malicious activity further highlights the need for an integrated security offering that can block spam and malware emails, prevent users from visiting malicious Web sites and delete malware files and scripts.

Commtouch Recurrent Pattern Detection, GlobalView technologies and multi-layered Command Antivirus identify and block Internet security threats. More details, including samples and statistics, are available in the Commtouch Q3 2010 Internet Threats Trend Report, available at

NOTE: Reported global spam levels are based on Internet email traffic as measured from unfiltered data streams, not including internal corporate traffic. Therefore global spam levels will differ from the quantities reaching end user inboxes, due to several possible layers of filtering.

About Commtouch Commtouch' (NASDAQ: CTCH) provides proven Internet security technology to more than 150 security companies and service providers for integration into their solutions. Commtouchs GlobalView and patented Recurrent Pattern Detection (RPD) technologies are founded on a unique cloud-based approach, and work together in a comprehensive feedback loop to protect effectively in all languages and formats. Commtouchs Command Antivirus utilizes a multi-layered approach to provide award winning malware detection and industry-leading performance. Commtouch technology automatically analyzes billions of Internet transactions in real-time in its global data centers to identify new threats as they are initiated, enabling our partners and customers to protect end-users from spam and malware, and enabling safe, compliant browsing. The companys expertise in building efficient, massive-scale security services has resulted in mitigating Internet threats for thousands of organizations and hundreds of millions of users in 190 countries. Commtouch was founded in 1991, is headquartered in Netanya, Israel, and has a subsidiary with offices in Sunnyvale, California and Palm Beach Gardens, Florida.

Stay abreast of the latest news at the Commtouch Caf: For more information about enhancing security offerings with Commtouch technology, see or write to [email protected].

Commtouch Software Ltd. Recurrent Pattern Detection, RPD, Zero-Hour and GlobalView are trademarks, and Commtouch, Authentium, Command Antivirus and Command Anti-malware are registered trademarks, of Commtouch. U.S. Patent No. 6,330,590 is owned by Commtouch.

Commtouch Contact: Amy Kenigsberg US: 1-913-440-4072

Int'l: +972-9-794-1681

[email protected]