‫ Summary of Symantec Intelligence Report: September 2012

IRCRE201210115
 
Date: 2012-10-015
 
September edition of the Symantec Intelligence report provides the latest analysis of cyber security threats, trends and insights from the Symantec Intelligence team concerning malware, spam, and other potentially harmful business risks. The data used to compile the analysis for this report includes data from May through August 2012.
 
Spam Analysis
In September, the global ratio of spam in email traffic rose by 2.7 percentage point since August, to 75.0 percent (1 in 1.33 emails).
 
Saudi Arabia overtook SriLanka to become the most spammed geography in September, with a spam rate of 84.9 percent.
The Education sector was the most spammed industry sector in September, with a spam rate of 77.9 percent; the spam rate for the recreation sector was 77.6 percent. The spam rate for the non-Profit sector was 76.5 percent, compared with 76.2 percent for Gov/Public sector, 75.9 percent for Engineering Sector.
The spam rate for small to medium-sized businesses (1-250) was 75.6 percent, compared with 75.2 percent for large enterprises (2500+).
 
Spam Attack Vectors
September highlights the increase in spam emails resulting in NDRs (spam related non-delivery reports). In these cases, the recipient email addresses are invalid or bounced by their service provider.
 
NDR spam, as shown in the chart above, is often as a result of widespread dictionary attacks during spam campaigns, where spammers make use of databases containing first and last names and combine them to generate random email addresses. A higher-level of activity is indicative of spammers that are seeking to build their distribution lists by ignoring the invalid recipient emails in the bounce-backs. The list can then be used for more targeted spam attacks containing malicious attachments or links. This might indicate a pattern followed by spammers in harvesting the email addresses for some months and using those addresses for targeted attacks in other months.
 
Phishing Analysis
In September, the global phishing rate increased by 0.088 percentage points, taking the global average rate to one in 245.4 emails (0.41 percent) that comprised some form of phishing attack.
Analysis of Phishing Web sites
Overall phishing increased by about 4.46 percent this month. Unique domains increased by about 13 percent as compared to the previous month. Phishing websites that used automated toolkits decreased by 3 percent.
Phishing websites with IP domains (for e.g. domains like http://255.255.255.255) decreased by about 29 percent. Webhosting services comprised of 3 percent of all phishing, a decrease of 9 percent from the previous month. The number of non-English phishing sites decreased by 103 percent. Among non-English phishing sites, Portuguese, French, Italian, Portuguese, and Spanish were highest in September.
 Tactics of Phishing Distribution
 
Organizations Spoofed in Phishing Attacks, by Industry
 
Email-borne Threats
The global ratio of email-borne viruses in email traffic was one in 211.0 emails (0.47 percent) in September, an increase of 0.04 percentage points since August.
In September, 22.2 percent of email-borne malware contained links to malicious websites, 2.6 percentage points lower than August.
 
Web-based Malware Threats
In September, Symantec Intelligence identified an average of 780 websites each day harboring malware and other potentially unwanted programs including spyware and adware; a decrease of 29.1 percent since August. This reflects the rate at which websites are being compromised or created for the purpose of spreading malicious content. Often this number is higher when Web-based malware is in circulation for a longer period of time to widen its potential spread and increase its longevity.
As detection for Web-based malware increases, the number of new websites blocked decreases and the proportion of new malware begins to rise, but initially on fewer websites. Further analysis reveals that 36.9 percent of all malicious domains blocked were new in September; a decrease of 4.9 percentage points compared with August. Additionally, 11.4 percent of all Web-based malware blocked was new in September; an increase of 1.1 percentage points since August.
 
 
 
 
The chart above shows the decrease in the number of new spyware and adware websites blocked each day on average during September compared with the equivalent number of Web-based malware websites blocked each day.
 
 
 
 
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 28 آبان 1391

دسته‌ها

امتیاز

امتیاز شما
تعداد امتیازها:0