Nearly 90% of E-mails Companies Receive are Spam

A most recent study by researchers at PandaLabs, an online security firm, reveals that more than 90% of malware and spam attacks hit organizations' e-mail system each day.

Panda's study, which surveyed 430 Million e-mails coming to its consumers during 2008, found that merely 8.4% were legal. The security experts said that the vast amount of junk e-mails indicates that organizations are spending a lot of money to deal with them on their gateways and servers.

Moreover, the security firm said that during 2008, the most frequently found spam format continued to be sexual enhancement drugs. Furthermore, spam campaigns exploiting the global economic crisis also increased considerably throughout 2008. These campaigns involved fake diplomas and job offers that were responsible for 2.75% of the total spam, while phony loans and mortgage deals accounted for 4.75% of the total mails.

The firm further reported that networks of bot-infected computers continued to represent a major problem in 2008. More than 300,000 newly operated zombie systems were involved in sending unsolicited e-mails in Q4 2008.

The researchers also said that the amount of spam hitting consumers' inboxes fluctuated throughout 2008, reaching the peak level in Q2 2008 (April-June, 2008) at 94.27% of the total incoming e-mail.

However, spam received outnumbered the e-mail based malware attacks as they were responsible for merely 1.11% of the total e-mails analyzed by Panda. Moreover, among all e-mail borne malware, the Netsky.P worm, was the most common program detected in 2008, the researchers said.

The technique used by Netsky.P to activate involves exploitation of Windows Autorun facility that enables the e-mail attachments to be executed automatically. In that respect, this malware is really a multi-staged strike, say the security experts.

Summarizing the behavior of the e-mail-borne malware, Technical Director of PandaLabs, Luis Corrons, said that cyber miscreants usually launch a number of malware items with each increasing the possibilities of infection. Therefore, computers with up-to-date and hard to exploit could become a victim of infection if the attachment is executed, as reported by SecurityWatch on January 28, 2009.

Related article: Nearly 70% of Top 100 Sites Contain Malicious Content

» SPAMfighter News - 2/11/2009