Spammers Use Google Sites to Host Spam

Posted on
Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone

<strong>New York and London &mdash; Aug. 5</strong><br />MessageLabs, a provider of messaging and Web-security services to businesses worldwide, announced the results of its MessageLabs Intelligence Report for July. Analysis highlights that spammers continued the trend of abusing Google&rsquo;s hosted applications to host spam. <br /><br />Previously abused applications include Google Docs, Google Pages and Google Calendar. Google Sites allows a novice to easily create a Web page composed of a string of random letters and numbers resulting in a URL that is more difficult to block using traditional signature-based anti-spam tools. <br /> <br />&ldquo;Google Sites is yet another way that spammers have programmatically defeated CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) mechanisms, a validation technique that is designed to defend against automated sign-up tools frequently used by spammers by requiring the user to enter a string of letters,&rdquo; said Mark Sunner, chief security analyst at MessageLabs. <br /><br />&ldquo;While Google Sites spam accounts for only 1 percent of all spam currently, we anticipate that this technique&rsquo;s popularity will rival that of its predecessors, Google Docs, Calendar and Pages spam. If this is the case, then we may see spam levels increase in the months ahead.&rdquo; <br /> <br />Also in July, the number of new malicious Web sites blocked each day has increased by 91 percent from 2,076 since June to an average of 3,968 new sites intercepted daily. This month&rsquo;s rise in Web threats, according to MessageLabs, is due to the number of Web sites linked to SQL injection attacks. This latest increase in malicious Web sites brings the threat to record high levels. <br /> <br />&ldquo;An emerging theme for threats this month seems to be new variations on old attack methods,&rdquo; Sunner said. &ldquo;Following on from June, Web-based malware continues to be a treacherous threat, and organizations would be smart to build their Web-security defenses in preparation for what could be on the horizon.&rdquo; <br /> <br />Similar to last month, a flood of spam e-mails with subject lines displaying celebrity names and made up breaking news was intercepted in July. The Storm-generated e-mails included links to the Storm malware disguised as video footage of the fabricated events. <br /><br />However, the celebrity referenced spam e-mails were unique in that they contained links that, if activated, downloaded the new rogue anti-spyware program Antivirus XP 2008 on the victims&rsquo; computers using a file called video.exe. The program then scans the computer and displays the number of infections that can only be removed by purchasing the software. <br /> <br />Other report highlights:<br /> <br /><ul><li><strong>Web security: </strong>Analysis of Web-security activity shows that 83.4 percent of all Web-based malware intercepted was new in July. MessageLabs also identified an average of 3,968 new Web sites per day, harboring malware and other potentially unwanted programs such as spyware and adware, an increase of 91 percent since June. </li><li><strong>Spam: </strong>In July 2008, the global ratio of spam in e-mail traffic from new and previously unknown bad sources was 75.1 percent (1 in 1.33 e-mails), a decrease of 1.4 percent since June.  </li><li><strong>Viruses:</strong> The global ratio of e-mail-borne viruses in e-mail traffic from new and previously unknown bad sources was one in 148.2 e-mails (0.67 percent), a decrease of 0.07 percent since June. In July, 3 percent of e-mail-borne malware contained links to malicious sites, a decrease of 17.3 percent since June. </li><li><strong>Phishing: </strong>In July, phishing activity rose by 0.19 percent compared with the previous month. One in 180.6 (.55 percent) e-mails comprised some form of phishing attack. When judged as a proportion of all e-mail-borne threats such as viruses and Trojans, the number of phishing e-mails has increased by 33.8 percent to 82.1 percent of all e-mail-borne malware threats intercepted in July. </li></ul> <br />Geographical Trends:<br /><br /><ul><li>In July, Switzerland remained the most spammed country with levels reaching 84.2 percent of all e-mail. The largest increase in spam levels this month was observed in the United States, where it rose by 5.9 percent to 79.8 percent. </li><li>Spam levels in the U.K. reached 69.9 percent in July and 74.6 percent in Canada. Germany&#39;s spam rate reached 70 percent and spam rose to 70.6 percent in the Netherlands. Spam levels in Australia were 64.1 percent, 72.9 percent in China and 67.8 percent in Japan. </li><li>The largest increase of .48 percent in virus activity was observed in Canada where virus levels of 1 in 80.7 put the country in third place for July. </li><li>Virus levels for the U.S. were 1 in 243.7 and 1 in 110.3 for the U.K. and 1 in 214.8 for Germany. In Australia, virus levels were 1 in 303.1 and 1 in 378.6 for Japan. </li></ul> <br />Vertical Trends:<br /><br /><ul><li>Spam decreased across all industry sectors in July with the exception of the nonprofit sector, where spam rose by 5.8 percent to 82.2 percent. </li><li>The largest decrease was noted in the accommodation and catering sector, where levels fell by 3.6 percent and 73 percent respectively. </li><li>Chemical and pharmaceutical-sector spam levels reached 72.6 percent, 78.3 percent for retail, 72.4 percent for public sector and 68.5 percent for finance. </li><li>Similarly, virus levels across most industry sectors decreased during July. In the real-estate sector, virus levels rose by 0.07 percent to 1 in 135.4 e-mails containing malware. The largest decline was noted in the accommodation and catering sector, where levels fell by 0.51 percent to 1 in 69 e-mails containing malicious content. </li><li>Virus levels for the IT services sector were 1 in 158.7, 1 in 176.6 for retail and 1 in 198.8 for finance.</li></ul>

Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone


Posted in Archive|