Science & Technology 
Science and Technology
Science and Technology 
Wed, April 1, 2009
Tue, March 31, 2009
Symantec: Symantec Announces March and Q1 2009 MessageLabs Intelligence Report
CUPERTINO, CA--(Marketwire - March 31, 2009) - Symantec Corp. (
"Having been focused on email tactics for the latter half of 2008 and early 2009, the cyber criminals are varying their strategies, and turning their attention toward web-related tactics, so as not to become too predictable," said Paul Wood, MessageLabs Intelligence Senior Analyst, Symantec. "Their goals of financial gain and espionage remain the same, however."
Increasing by almost 200 percent, the steep rise in malicious websites revolved around the resurgence in using images containing injected scripts, such as JavaScript or VBScript. It appears to be an attempt to exploit a flaw in older browsers that appends the injected script to the end of the image's binary code, which can achieve monetary rewards through simulated online advertising.
Many of the websites used to host these images included free image hosting websites, and may potentially extend to some popular social networking and multimedia file-sharing sites that allow users to upload and share pictures. Malicious links sent through email and hosted on infected or compromised websites represent a growing area of risk for businesses as many attacks are designed to steal personal data and confidential information simply when users visit an infected site.
On March 26, the Melissa virus reached its tenth anniversary. In 1999, the virus sent an infected email entitled, "Here is that document you asked for ... don't show anyone else ;-)" to fifty email addresses. The virus spread so quickly that it overloaded email servers across the globe. Even today, Melissa is a permanent feature on the threat landscape with MessageLabs services still intercepting on average ten copies a month.
"Known by one name and iconic within the industry, Melissa is the virus that is credited with laying the foundation for the widespread use of botnets that has since allowed cyber criminals to spread malware rapidly and economically," Wood said. "Since intercepting the virus in March 1999, MessageLabs Anti-Virus service has stopped 108 different strains and more than 100,000 copies of the virus."
Finally, throughout Q1 2009, spammers have continued to rely on the economic recession to target their spam campaigns at consumers who are finding it more difficult to secure credit and are thus more vulnerable during uncertain times. MessageLabs Intelligence noted an increase in genuine emails being sent by cash-strapped individuals who have turned to email as a means of seeking charitable assistance from some businesses. These messages are small in volume by comparison with the wider volume of spam and phishing emails, but seemingly equally liable to provoke an inflamed response from many recipients who believe they are fakes or scams.
"The economy and other seasonal happenings, such as St. Patrick's Day and the US March Madness basketball tournament, remain predictable avenues for spammers, phishers and fraudsters to explore," said Wood. "It's not likely these spamming tactics will go away, but in the coming months we may see more non-traditional spamming techniques, like those from cash-strapped individuals seeking charity, begin to take hold."
Other report highlights:
Web security: Analysis of web security activity shows that 61.6 percent of all web-based malware intercepted was new in March. MessageLabs Intelligence also identified an average of 2,797 new websites per day harboring malware and other potentially unwanted programs such as spyware and adware, an increase of 197.2 percent since February.
Spam: In March 2009, the global ratio of spam in email traffic from new and previously unknown bad sources was 75.7 percent (1 in 1.32 emails), an increase of 2.4 percent since February. Spam levels for Q1 2009 averaged 74.5 percent compared with 72.4 percent for Q4 2008.
Viruses: The global ratio of email-borne viruses in email traffic from new and previously unknown bad sources was one in 281.4 emails (0.36 percent), an increase of 0.03 percent since February. In March, 20.3 percent of email-borne malware contained links to malicious sites, an increase of 16.5 percent since February. Virus levels for Q1 2009 averaged 281.2 malicious emails compared with one in 154.9 in Q4 2008.
Phishing: One in 284.6 emails (0.35 percent) comprised some form of phishing attack, a decrease of 0.17 percent in the proportion of phishing attacks compared with February. When judged as a proportion of all email-borne threats such as viruses and Trojans, the number of phishing emails had increased by 37.3 percent to 98.9 percent of all email-borne malware threats intercepted in March. Phishing levels for Q1 2009 averaged one in 290.4, compared with one in 221.9 for Q4 2008.
Geographical Trends:
-- Spam levels in Hong Kong rose by 15.9 percent in March positioning it as the most spammed country. -- Spam levels in the US rose to 78.4 percent, 76.3 percent in Canada and 68.4 percent in the UK. Germany's spam rate reached 69.9 percent and 68.8 percent in the Netherlands. Spam levels in Australia were 86.4 percent, 88.4 percent in China and 85.9 percent in Japan. -- Virus activity in the UK rose by 0.12 percent to 1 in 170.5 emails, placing it in the top position for viruses in March. -- Virus levels for the US were 1 in 454.7, 1 in 204.7 for Canada and 1 in 853.3 for Australia. Virus levels for Germany were 1 in 185.9, 1 in 255.2 in Hong Kong and in Japan they reached 1 in 1,427.7.
Vertical Trends:
-- In March, the most spammed industry sector with a spam rate of 83.3 percent was the Engineering sector. -- Spam levels reached 76.5 percent for the Education sector, and 73.2 percent for the Chemical & Pharmaceutical sector; 81.9 percent for Retail, 70.0 percent for Public Sector and 58.9 percent for Finance. -- Virus activity in the Education sector rose by 0.02 percent, placing the sector at the top of the table with 1 in 96.0 emails being infected. -- Virus levels for the IT Services sector were 1 in 285.9, 1 in 428.0 for Retail and 1 in 409.3 for Finance.
The March 2009 MessageLabs Intelligence Report provides greater detail on all of the trends and figures noted above, as well as more detailed geographical and vertical trends. The full report is available at [ http://www.messagelabs.com/intelligence.aspx ].
Symantec's MessageLabs Intelligence is a respected source of data and analysis for messaging security issues, trends and statistics. MessageLabs Intelligence provides a range of information on global security threats based on live data feeds from our control towers around the world scanning billions of messages each week.
About Symantec
Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at [ www.symantec.com ].
NOTE TO EDITORS: If you would like additional information on Symantec Corporation and its products, please visit the Symantec News Room at [ http://www.symantec.com/news ]. All prices noted are in U.S. dollars and are valid only in the United States.
Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.