Spammers have become adept at using the most familiar Internet names to give deceptive legitimacy to the billions of emails that they send. For example, between five to ten percent of all spam appears to originate from Gmail accounts. This quarter's trend report analyzes the percentage of spam that actually emanates from Gmail.
Gmail's message style, as well as those of PayPal and Facebook, is frequently used by spammers and phishers as standard templates to prompt action by targets of spam or phishing. This quarter, a phishing attack directed at Blogger and Google users was based on a template using techniques effectively downplaying the "phishy" nature of the email.
Another spam attack described in the report utilized the CNN site as a waypoint en-route to a work-at-home scam.
Commtouch's quarterly trend report is based on the analysis of more than two billion email messages as well as the GlobalView URL database within the company's cloud-based global detection and classification centers.
Other highlights from the Q1 Trend Report include:
* Spam levels averaged 83% of all email traffic throughout the quarter, peaking at nearly 92% near the end of March and bottoming out at 75% at the start of the year.
* Pharmacy spam remained in the top spot with 81% of all spam messages, maintaining last quarter's average, as did the number 2 topic, replicas, which maintained its average of 5.4%.
* An average of 305,000 zombies were activated daily to inflict malicious activity.
* While Brazil continues to produce the most zombies, its numbers decreased in the first quarter. In Q4 2009, it was responsible for 20.4% of global zombie activity. In Q1 2010, that number dropped to 14%.
* The Mal/Bredo malware had 838 variants during the quarter.
* Sites in the "sex education" and "games" categories topped the list of Web categories likely to host hidden phishing pages.
* "Pornography" has replaced "business" as the Web site category most infected with malware.
* In the Web 2.0 sphere of user-generated content, entertainment (music, television, movies, reviews, etc.) is the most popular topic for blog creators.
"Spammers and cybercriminals use experimentation to reach their goals," said Asaf Greiner, Commtouch vice president, products. "They are always testing new techniques to lure their victims, from using familiar formats and domains to creating entirely new ways to entice action."
Commtouch Recurrent Pattern Detection and GlobalView technologies identify and block messaging and Web security threats, including increasingly malicious malware and phishing outbreaks. More details, including samples and statistics, are available in the Commtouch Q1 2010 Internet Threats Trend Report, available from Commtouch Labs at http://www.commtouch.com/download/1679.
NOTE: Reported global spam levels are based on Internet email traffic as measured from unfiltered data streams, not including internal corporate traffic. Therefore global spam levels will differ from the quantities reaching end user inboxes, due to several possible layers of filtering.
Commtouch' (NASDAQ: CTCH) provides proven messaging and Web security technology to more than 130 security companies and service providers for integration into their solutions. Commtouch's GlobalView and patented Recurrent Pattern Detection (RPD) technologies are founded on a unique cloud-based approach and work together in a comprehensive feedback loop to protect effectively in all languages and formats. Commtouch technology automatically analyzes billions of Internet transactions in real-time in its global data centers to identify new threats as they are initiated, protecting email infrastructures and enabling safe, compliant browsing. The company's expertise in building efficient, massive-scale security services has resulted in mitigating Internet threats for thousands of organizations and hundreds of millions of users in 190 countries. Commtouch was founded in 1991, is headquartered in Netanya, Israel, and has a subsidiary in Sunnyvale, Calif.
Stay abreast of the latest messaging and Web threat trends all quarter long at the Commtouch Caf: http://blog.commtouch.com. For more information about enhancing security offerings with Commtouch technology, see http://www.commtouch.com or write [email protected]
Recurrent Pattern Detection, RPD, Zero-Hour and GlobalView are trademarks, and Commtouch is a registered trademark, of Commtouch Software Ltd. U.S. Patent No. 6,330,590 is owned by Commtouch.
US: 913-440-4072 (+7 ET)
Int'l: +972-9-794-1681 (+2 GMT)