Spam Bouncing Back, Facebook’s New Threat

Related Articles

• Are Larger Organizations More Susceptible to Spear Phishing Attacks?
• What Really Is the "D" in BYOD?
• Account Takeovers Estimated in 100s of Thousands a Day

Subscription Options

Subscribe Newswire

Widgets & RSS Feeds

In the fourth quarter of 2010 spam levels dropped to an all time low. The thrill has been short lived, however, as Commtouch reports spam has increased 45 percent this week.

In its quarterly Internet Threats Trend Report, which covers spam, phishing, malware and Web threats, Commtouch says December’s daily average for spam was around 30 percent less than in September. The average amount of spam for the fourth quarter (Q4) of 2010 was 83 percent of all email sent worldwide, down from 88 percent in the third quarter (Q3).

According to the report, in Q4 approximately 288,000 zombies were activated daily, a significant decrease as compared to 339,000 during Q3. “An inactive botnet is like an idle factory, a money-losing proposition for spammers,” warns Asaf Greiner, Commtouch vice president of products. “We have seen situations where after a lull in spam or malware distribution a new tactic was introduced. Threat experts are wise to continue following changes in network behavior in order to proactively block new threats.”

Commtouch found spam levels averaged 142 billion spam/phishing messages per day during Q4 compared to the 198 billion spam/phishing messages per day during Q3. Commtouch stated that spam activity increased by 45 percent just prior to the report’s publication on January 12.

Also this week, AppRiver, LLC released its year-end Threat and Spamscape report, which offers a summary and analysis of spam and malware trends traced over the course of 2010.

According to Fred Touchette, AppRiver report author and senior security analyst, phishing techniques showed increasing sophistication in 2010. Touchette predicts that phishing campaigns will continue to be a trend in 2011. Specifically, he believes the following phishing characteristics will be seen this year:

Pretending to be a Banking Institution— Touchette says posing as a trusted bank is a tried and true persona for cyber criminals. Unsuspecting online bankers will continue to be victims, as they respond to simple emails that appear to be from their bank asking them to login.

Activating Botnets—Despite the take down of the Pushdo and Bredolab botnets, Touchette notes that the presence of botnets does not appear to be going away any time soon. Underground forums that sell kits, mostly ZeuS-based kits, will enable botnets to continue to spew out spam for the foreseeable future.

Targeting Mobile Devices—The steadily increasing use of mobile devices will increase the likelihood of these devices becoming prime targets for malicious attacks, predicts Touchette, offering evidence of the attack we saw in late August, where cyber criminals showed just how easy it is to create a believable Facebook spam campaign targeting smartphone users.

Capitalizing on Facebook and Twitter—Touchette sees social networking sites as prime locations for cyber criminals to prey on the naïve and unsuspecting. He says the large cross-section of users makes the potential for a successful attack significant.

Speaking of Facebook, it was recently reported that a new social networking worm in the vein of Koobface is currently doing the rounds. Chester Wisniewski, a senior security advisor at Sophos Canada, commented that the reported threat is different from the usual Facebook malady because “unlike the majority of Facebook scams we report, this one actively infects your computer with malware instead of simply tricking you into taking surveys and passing on messages to other users.”

It appears that an individual received a link in his Facebook chat from a friend, which pointed to an app.facebook.com/CENSORED link. Writes Wisniewski, “Typically when you go to a Facebook app page it prompts you to add the application and grant it permission to post on your behalf or read your profile data. The scary part about this one is that it immediately prompts you to download a “FacebookPhotos#####.exe” file with no prompting or clicking required.”

Wisniewski goes on to say that a dialog box says that the photo has been moved to another location and encourages the user to click VIEW PHOTO in order to see it. Wisniewski warns, “If your computer has not already downloaded the malware, the “View Photo” button will download the virus for you.”

Facebook quickly removed the application, but as Wisniewski concludes, there are no doubt more like this one out there.

As we review 2010 and look forward to 2011, from a messaging security standpoint, it appears we are in for more of the same when it comes to spam, phishing and malware. Social networking sites with Facebook and Twitter perhaps in the lead, and mobile devices too will continue to be not only popular among users, but also popular with the bad guys.

=

Eye on Messaging is written by Stephanie Jordan, editor in chief of Messaging News. If you have story ideas or news to share, email her: sjordan [at] messagingnews [dot] com