MessageLabs Intelligence: The Expanding Spammers Toolbox: Latest Stock Spam Technique Launched With 15 Million MP3 Emails
NEW YORK, NY and LONDON--(October 30, 2007 - www.AllPayNnews.com) - MessageLabs, the leading provider of messaging and web security services to businesses worldwide, today announced the results of its MessageLabs Intelligence Report for October 2007. The new data reveals that spammers have introduced MP3 music files into the expanding toolbox of stock spam techniques, with 15 million emails shaping the first spam run. Use of MP3 files is the latest tactic designed to sneak messages past spam filters and ultimately control the value of stock for nefarious reasons.
On October 17, MessageLabs intercepted the first copies of an estimated 15 million email spam run which lasted 36 hours and used StormWorm-infected computers to disseminate the emails. Purporting to be a legitimate music file, the MP3 file names were all music-related such as beatles.mp3, Britney.mp3 and elvis.mp3, and contained a rusty-sounding, 25-second voice-over touting the latest stock offering from Exit Only Incorporated. The voice was synthesized using a very low compression rate of 16 kHz to keep the overall file size small, at around 50 KB, to avoid detection.
Over recent months, spammers have been toying with different types of file attachments including text, html, image, ZIP, RAR, RTF and PDFs. Analysis of the MP3 spam suggests that this was the work of the cyber criminals responsible for sending out PDF spam in early October, highlighting the frequent interchanging of tools being used.
"The MP3 spam tactic is a natural progression for cyber criminals following runs of image, PDF and Excel junk mail earlier this year," said Mark Sunner, chief security analyst for MessageLabs. "As users become wary of certain file attachments, scammers will move on to their next tactic, ever hopeful of finding the key which will easily open all inboxes rather than having the door slammed in their face by anti-spam filters. Video spam and PowerPoint are both well anticipated so watch this space for the next format du jour."
This recent trend proves that spamming techniques are becoming more innovative. As image spam shifts from email attachments to images on free image-hosting sites, MessageLabs experts believe that it is only a matter of time before the spammers apply the same approach to audio spam and upload the message to free multimedia hosting sites such as YouTube, Google Video, MySpace or any number of sites competing in this new media market.
Other report highlights:
Web Security: Analysis shows that 45.9 percent of all web-based malware intercepted was new in October. MessageLabs identified approximately 1,100 new sites per day which harbored malware, an increase of 63 percent compared to September levels. Gambling sites appeared back in the top ten of policy-based filtering triggers and rose to fourth place for large enterprises.
Spam: In October, the global ratio of spam in email traffic from new and unknown bad sources, for which the recipient addresses were deemed valid, was 74.5 percent (1 in 1.34 emails), an increase of 1.0 percent on the previous month.
Viruses: This month, the global ratio of email-born viruses in email traffic from new and previously unknown bad sources destined for valid recipients was 1 in 161.5 emails (0.62 percent) in October, a decrease of 1.43 percent since the previous month. This decline is almost certainly linked with the fall in the number of StormWorm-related emails, particularly active in August and September. This takes the email virus rate to the lowest level since April 2007 when virus traffic accounted for 1 in 145.5 emails.
Phishing: October saw a decrease of 0.57 percent in the proportion of phishing attacks with one in 174.0 emails comprised of some form of phishing attack. Viewed as a proportion of all email-borne threats such as viruses and trojans, the number of phishing emails has risen by 36.8 percent to 92.8 percent of the malware threats intercepted in October, the highest level on record.
-- Israel continued to have the highest spam rate this month with 77.1
percent; however, the sharpest increase in spam this month among the top
five was again in Canada where levels rose by 5.6 percent, tied with China.
-- Sweden had the lowest spam rate with 25.9 percent.
-- Virus activity fell in India by 0.24 percent although it remained the
most targeted country. The largest rise in virus activity was observed in
Spain where levels rose by 0.29 percent, closely followed by Germany with
an increase of 0.25 percent.
-- The UK, China and Spain entered the top five this month, replacing
Austria, Ireland and Singapore.
-- Spam levels decreased across almost all sectors in October, with the
largest decrease noted in the Non-profit Sector, where spam fell by 9.6
-- Telecom has become the most targeted sector for spam despite a fall of
6.4 percent since September.
-- Education sector remains the most targeted sector for viruses although
virus levels fell by 0.25 percent since September.
-- Virus levels in Agriculture rose by 0.02 percent in October, although
Agriculture remains the least targeted sector in October.
The October 2007 MessageLabs Intelligence Report provides greater detail on all of the trends and figures noted above, as well as more detailed geographical and vertical trends. The full report is available at http://www.messagelabs.com/intelligence.aspx.
MessageLabs Intelligence is a respected source of data and analysis for messaging security issues, trends and statistics. MessageLabs provides a range of information on global security threats based on live data feeds from our control towers around the world scanning billions of messages each week.
MessageLabs is a leading provider of integrated messaging and web security services, with over 16,000 clients ranging from small business to the Fortune 500 located in more than 86 countries. MessageLabs provides a range of managed security services to protect, control, encrypt and archive communications across Email, Web and Instant Messaging.
These services are delivered by MessageLabs globally distributed infrastructure and supported 24/7 by security experts. This provides a convenient and cost-effective solution for managing and reducing risk and providing certainty in the exchange of business information. For more information, please visit www.messagelabs.com.
+1 646 519 8116
Hill and Knowlton for MessageLabs
+44 (0) 207 291 7939
Weber Shandwick for MessageLabs
+44 (0) 20 7067 0500
+61 2 8208 7171
+61 2 9954 3299