‫ Summary of Symantec Intelligence Report: February 2012

IRCRE201206102
 
Date: 2012-06-18
 
February edition of the Symantec Intelligence report provides the latest analysis of cyber security threats, trends and insights from the Symantec Intelligence team concerning malware, spam, and other potentially harmful business risks. The data used to compile the analysis for this report includes data from January and February 2012.
Spam
In February, the global ratio of spam in email traffic fell by 1.0 percentage points since January, to 68.0 percent (1 in 1.47 emails). This follows the continuing trend of global spam levels diminishing gradually since the latter part of 2011.
As the global spam rate increased, Saudi Arabia remained the most spammed geography in February; with a spam rate of 76.2 percent.
In the US, 68.9 percent of email was spam and 68.5 percent in Canada. The spam level in the UK was 68.6 percent. In The Netherlands, spam accounted for 70.0 percent of email traffic, 67.9 percent in Germany, 68.8 percent in Denmark and 68.3 percent in Australia. In Hong Kong, 67.9 percent of email was blocked as spam and 67.0 percent in Singapore, compared with 65.1 percent in Japan. Spam accounted for 68.8 percent of email traffic in South Africa and 72.4 percent in Brazil.
Moreover, the automotive sector overtook Education to become the most spammed industry sector in February, with a spam rate of 70.9 percent; the spam rate for the Education sector was 70.6 percent. The spam rate for the Chemical & Pharmaceutical sector was 68.9 percent, compared with 68.4 percent for IT Services, 68.6 percent for Retail, 68.5 percent for Public Sector and 68.0 percent for Finance.
The spam rate for small to medium-sized businesses (1-250) was 68.3 percent, compared with 68.9 percent for large enterprises (2500+).
 
Spam Attack Vectors
The proportion of spam that contained a malicious attachment or link increased toward the end of the previous month, with two major spikes of spam activity during the first half of the period, as shown in the chart below.
 
Phishing Analysis
In February, the global phishing rate increased by 0.01 percentage points, taking the global average rate to one in 358.1 emails (0.28 percent) that comprised some form of phishing attack.
Phishing levels for the US were one in 1,145 and one in 379.9 for Canada. In Germany phishing levels were one in 797.6, one in 330.9 in Denmark.
Analysis of Phishing Web sites
Overall, the number of phishing Web sites decreased by 0.9 percent in February compared with the previous month. The number of phishing Web sites created by automated toolkits decreased by approximately 0.7 percent, accounting for approximately 42.8 percent of phishing Web sites, including attacks against well-known social networking Web sites and social networking apps.
The number of unique phishing domains decreased by 1.2 percent and phishing Web sites using IP addresses in place of domain names (for example, http://255.255.255.255), increased by 21.0 percent. The use of legitimate Web services for hosting phishing Web sites accounted for approximately 5.8 percent of all phishing Web sites, a decrease of 2.0 percent compared with the previous month. The number of non-English phishing Web sites decreased by 6.3 percent.
Of the non-English phishing Web sites Portuguese, French, Italian and Spanish were among the highest in February.
 
Tactics of Phishing Distribution
 
Organizations Spoofed in Phishing Attacks, by Industry
Email-borne Threats
The global ratio of email-borne viruses in email traffic was one in 274.0 emails (0.37 percent) in February, an increase of 0.03 percentage points since January.
In February, 27.4 percent of email-borne malware contained links to malicious Web sites, 1.6 percentage points lower than January.
Web-based Malware Threats
In February, Symantec Intelligence identified an average of 2,305 Web sites each day harboring malware and other potentially unwanted programs including spyware and adware; an increase of 9.7 percent since January. This reflects the rate at which Web sites are being compromised or created for the purpose of spreading malicious content. Often this number is higher when Web-based malware is in circulation for a longer period of time to widen its potential spread and increase its longevity.
As detection for Web-based malware increases, the number of new Web sites blocked decreases and the proportion of new malware begins to rise, but initially on fewer Web sites. Further analysis reveals that 31.5 percent of all malicious domains blocked were new in February; a decrease of 8.4 percentage points compared with January. Additionally, 13.0 percent of all Web-based malware blocked was new in February; a decrease of 2.2 percentage points since January.
 
 
Source:
 
 
 
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 11 تیر 1391

دسته‌ها

امتیاز

امتیاز شما
تعداد امتیازها:0