informa
4 min read
article

Web Malware Jumps 21% in October: Report

Not only did the rate of Web-delivered malware increase sharply in October, the month ended as the single highest month of 2008, according to ScanSafe's Global Threat Report
LONDON and SAN FRANCISCO, Calif. - November 18, 2008 - In its monthly Global Threat Report issued today, ScanSafe, the pioneer and leading provider of SaaS Web Security, reported that not only did the rate of Web-delivered malware increase sharply in October, the month ended as the single highest month of 2008. Given that 2008 has been the highest year on record for Web-delivered malware, this outcome is particularly concerning.

According to the latest ScanSafe Global Threat Report, 65% of malware blocks in October 2008 resulted from visits to compromised websites.

"Web users can no longer associate malware with inappropriate sites," comments Mary Landesman, senior security researcher at ScanSafe. "The ongoing compromises of known legitimate websites aren't measured in the hundreds, or thousands, or even tens of thousands, but rather can be counted in the millions. Once compromised, these sites become virtual conveyor belts of malware, attacking each Web surfer that visits."

In its latest report, ScanSafe also noted that in October 2008, 13% of all Web malware blocks were from encounters with backdoors and password stealers. This is alarming given that the vast majority of all Web-based malware is blocked at the initial stage of encounter and thus indicates attackers are increasingly employing methods that allow them to engage more directly with users.

"Direct encounters typically result from some form of social engineering indicating that cyber criminals are increasingly targeting their victims," adds Landesman. "We have even seen some specific targeting towards Facebook users which represented 1.5% of all Web malware blocks in October. Given the increasingly sophistication of cyber criminals, the consequences of not having real-time threat protection in place is more severe now than ever."

The risk of Web malware encounters from search engine results pages is also higher than previous months, at 9.3% of all encounters.

The ScanSafe Global Threat Report represents the world's largest security analysis of real-world corporate Web traffic and is based on an analysis of more than 20 billion Web requests the company processed each month for customers in over 80 countries.

For a copy of the latest monthly ScanSafe Global Threat Report, please visit http://www.scansafe.com/__data/assets/pdf_file/9814/October_08_GTR.pdf

About ScanSafe

ScanSafe is the largest global provider of SaaS Web Security, ensuring a safe and productive Internet environment for businesses. ScanSafe solutions keep viruses and spyware off corporate networks and allow businesses to control and secure the use of the Web and instant messaging. As a fully managed service, ScanSafe's solutions require no hardware, upfront capital costs or maintenance and provide unparalleled real-time threat protection. Powered by its proactive, multilayered Outbreak Intelligence TM threat detection technology, ScanSafe processes more than 20 billion Web requests and 200 million blocks each month for customers in over 80 countries.

With offices in London and San Francisco, California, ScanSafe is privately owned and financed by Benchmark Capital and Scale Venture Partners. The company received the CNET Networks award for Security Product of the Year 2008, a 2007 CODiE award for Best Software as a Service Solution, the 2008 and 2007 SC Magazine Europe Award for Best Content Security Solution and was named one of Red Herring's Top 100 Technology companies. For more information, visit www.scansafe.com.

### Susie Bailey | Corporate Communications Manager, EMEA ScanSafe, The Connection, 198 High Holborn, London WC1V 7BD, United Kingdom T +44 (0) 20 7959 0648 | F +44 (0) 20 7959 0631 | M +44 (0)7875 360 437 [ Anywhere + is the CNET 2008 Security Product of the Year: CNET judges said "With security within the enterprise still causing headaches, extending protection to the mobile workforce is often an agony too far. Delivering security-as-a-service through mobile connectivity, ScanSafe has an answer that is a very good fit to the way people actually work." To find out more click here P Think of the environment. Do you need to print this email?