M86 Reveals Hike in Email-Based Attacks
While analyzing trends of cyber threats during the initial half of 2011, security experts from M86 Security Labs claimed that cyber crooks are upgrading attack techniques through combined, entrenched files or HTML attachments, as reported by marketwire on August 01, 2011. Regular updation in techniques enables cyber crooks to enhance their capability for attack and at the same time, increases e-threats.
Although Web-based attacks are quite common, attacks at RSA and Oak Ridge National Labs reveal that e-mail-based attack via malevolent attachments in e-mail drecreased their significance during the second half of 2010, as obvious from the increased amount of lesser than 1% to about 3% during the first half of 2010.
In other words, the volumes of spam e-mails have decreased in 2011. In accordance to the analysis recorded in a report, M86 Security Labs 2H2010 by M86 Security Labs, levels of spam marked a decrease by 1/3 compared to that during the previous levels.
During the first half of 2011, M86 Security Labs, an increase in targeted attacks witnessed the execution of Microsoft Excel files with embedded Flash (.swf) files. For anti-virus and other security solutions, the method undertaken in this kind of targeted attack against the RSA is quite difficult as both the components must be alienated for carrying analysis.
Till June 2011, 8 botnets were solely accountable for 93% of spam. While Spamit and Rustock followed closures, the other smaller botnets including Donbot and Xarvester augmented their market share.
With the advancement of time and technology, malevolent spam is increasing and cyber criminals are finding out techniques of coaxing users and executing malicious spam.
However, an increased phishing attacks are in the form of HTML attachment is on the rise for bypassing anti-spam and anti phishing filters in browsers. While describing in the M86 Security Labs report, security experts also noted about the HTML versions of banking websites to e-mails rather then linking intended victims with fake banking sites. As users access HTML files from their systems, these kinds of threats would not be shown by browsers with built-in security protection against phishing.
» SPAMfighter News - 09-08-2011