Spam Doubles, Personalized Spam Quadruples in 2008

Spam Doubles, Personalized Spam Quadruples in 2008

Spam nearly doubled worldwide since last year and now accounts for nearly 200 billion email messages each day (approximately 90% of email sent), while “personalized” spam based on personal information stolen from the web, has quadrupled in the same time period, according to a study from Cisco Systems, reports MarketingVox.

cisco-network-security-report-average-daily-spam-volume-2008.jpg

The Cisco Annual Security Report for 2008 finds that personalized spam, also known as “spear phishing,” comprised more than 0.4% of all September attacks versus less than 0.1% a year ago.

cisco-network-security-report-targeted-attacks-percentage-spam-2008.jpg

Spear phishing involves sophisticated online criminals using smaller phishing campaigns aimed at more targeted groups of recipients.

While earlier phishing campaigns were widespread and high volume and typically pretended to be from large banks with a national presence, an increasing number of phishing campaigns are using the identities of regional and local banks located near the recipient (and thus involving fewer messages per campaign), Cisco states.

According to the report, the latest types of spear-phishing campaigns include:

  • Spam sent via SMS to the mobile phones of recipients in the same area code.
  • Emails that appear to be from the Internal Revenue Service, The Better Business Bureau, and the US district courts or tax courts.
  • Emails pretending to be from universities with which the intended victims are affiliated as current students,
    alumni, or faculty.
  • Emails that attempt to lure the victim into entering login information about their Google Adwords account (not
    only is the victim’s credit card or personal information stolen, but often, their Adwords traffic gets redirected
    to criminal-run blogs).
  • “Whaling” emails, which are extremely personalized to target specific top executives.

The security report also reveals that overall online and data security threats continue to increase in number and sophistication, propagating faster and becoming more difficult to detect.
Additional network security findings:

  • The overall number of disclosed network vulnerabilities grew by 11.5% over 2007.
  • Vulnerabilities in virtualization products tripled to 103 in 2008 from 35 in 2007, as more organizations embraced virtualization technologies to increase cost-efficiency and productivity
  • Over the course of 2008, Cisco saw a 90% growth rate in threats originating from legitimate domains; nearly double those in 2007.
  • Spam from email reputation hijacking from the top-three webmail providers accounted for just under 1% of all spam worldwide, but constituted 7.6% of all these providers’ mail.
  • The top three originating countries for spam were the United states (17.2% of all spam), Turkey (9.2%) and Russia (8%).

cisco-network-security-report-spam-originating-country-2008.jpg

Although no single, overwhelming attack – such as the spread of Melissa, Slammer, or Storm malware in previous years – turned into the signature security event of 2008, Cisco stresses that the need for increased security protection and continued vigilance.

 About the report: The Cisco Annual Security Report provides a comprehensive overview of the combined security intelligence of the entire Cisco organization. Encompassing threat and trends information collected between January and October 2008, this document provides a snapshot of the state of security for that period. The report also provides recommendations from Cisco security experts and predictions of how identified trends will continue into 2009.