Cyberoam Discusses Major Spam Attacks in its Latest E-mail Threat Report
Security firm Cyberoam has announced its fourth quarter 2008 report on trends of e-mail threats prepared jointly with Commtouch. The main highlight of report is a sharp decline in worldwide spam during November 2008 touching 59%, the lowest level from a mean of 90+% in earlier months. This cut in spam volume to one-third of the usual amount is attributed to the closure of McColo, the provider of Web hosting facilities.
Another important issue the report addresses is the global financial crisis that spammers have been exploiting to attract unwitting e-mail recipients via fraudulent job offers, cash advances and instant loans.
According to the report, people also received a large number of US election oriented malware and spam through which the attackers aimed to load malicious code on users' PCs or to steal their private information.
Security experts further said that Barack Obama had been a lucrative subject for spammers who ran several campaigns of malware/spam messages purporting to be a sex scandal on Obama and downloads of his acceptance speech. The spam mails were sent from zombies or home PCs compromised by malware distributors and spammers for intermittent distribution of spam.
According to Abhilash Sonwane, Vice President-Product Management of Cyberoam, these kinds of attacks stay only for short period and vanish before they are detected, as reported by DarkReading on January 22, 2009. Sonwane states the only safeguard against such kinds of attacks is a security solution that blocks the inflow of zombie-generated spam.
Moreover, the report discloses that spam scammers used legitimate tools and sites such as Google Docs and web-based e-mails to propagate malware during Q4 2008. Exploiting Google's reputation, attackers sent e-mails that carried Google Docs links to bypass conventional anti-spam software.
Sonwane also said that end-users' security solutions should be designed on the basis of the style in which messages are distributed for effective identification of malware/spam. Secondly, solutions that filter content must not only be for home pages, but also the remaining pages of the site so that visitors could be prevented from accessing any malware-laden page, he said.
Related article: Cyberoam Release Q3 2008 Report on E-Mail Threats
» SPAMfighter News - 31-01-2009