FEATURE EDITORIAL

Malware Threats

End of quarter reports reveal that malware threats are not subsiding. Last week Commtouch released its second quarter 2008 Email Threats Trend Report. The report examines recent trends in email threats, especially the role of millions of dynamic zombie computers actively sending spam and malware every day. Highlights of the report include:

• Top domains with the most infected machines (aka zombies) based on Commtouch Labs research include: Telecom Italia, Brasil Telecom, and Verizon
• Spam levels throughout the second quarter averaged 77 percent, ranging from a low of 64 percent to a peak of 94 percent of all email towards the end of the quarter
• 10 million zombie IP addresses are active each day, on average
• United States drops to 9th place in number of zombies globally. Turkey is number one with 11 percent of all zombies
• Pharmaceutical spam is the most popular topic, comprising 40 percent of all spam
• Phishing scams took advantage of higher education community, as well as Google adwords users
• Spammers experimented with vertical display in Chinese-language spam

More details, including samples of spam and malware messages, are available in the Commtouch Q2 2008 Email Threats Trend Report .

Yesterday MessageLabs announced year-to-date spam rates for individual U.S. states. According to MessageLabs Intelligence data the top 10 most spammed U.S. states are:

1. Illinois
2. South Dakota
3. Oregon
4. New Hampshire
5. Wisconsin
6. North Carolina
7. Indiana
8. Texas
9 . Pennsylvania
10. Alabama

"The varying spam levels across states can be attributed to different socioeconomic factors and levels of security awareness in each state," says Matt Sergeant, senior anti-spam technologist for MessageLabs. "The states that are experiencing higher spam levels may not place as high a priority on IT security overall or employees and businesses may be more willing to share their personal contact information in public domains. When email addresses are openly available, spammers take advantage of it and inundate those inboxes with massive amounts of spam."

The company says it scans three billion email connections per day and in June 2008 the global ratio of spam in email traffic from new and previously unknown bad sources was 81.5 percent. The lowest percentage of spam going to a single state was 78.5 percent. The average spam level for the entire U.S. reached 86 percent in June. "Not only are spam levels increasing, we are also seeing several new and different types of spam," Sergeant said. "Spam has become mailed out in smaller, more targeted batches and spammers are using varying approaches from leveraging celebrity names and current events to grab attention to exploiting mainstream hosted services like Microsoft Skydrive and Google Docs to evade spam filters. Spammers are relentless in their tactics for exploiting computer users."

While spam is still a significant problem for email, Ferris Research Analyst Richi Jennings, recently commented that SMS text message spam is still a minor problem. "In 2006, U.S. consumers received about 800 million text messages that they identified as spam. In 2007, we estimated the total was around 1.1 billion. Our estimate for 2008 is 1.5 billion," writes Jennings. "At first sight, these numbers sound large, but remember that this is over an entire year and that there are some 200 million active SMS users in the nation. In other words, the problem is negligible, and nothing like the size of the email spam problem."

Jennings goes on to explain, "Mobile service providers such as Sprint and AT&T Wireless are highly motivated to keep it this way, for obvious customer satisfaction reasons. The good news is that cell phone networks aren't completely 'open' like email is, so it's much more difficult for a sender to anonymously send spam. (Note that we're being careful to estimate the number of spammy messages received — this is the figure after the carriers have thwarted other attempts to spam. We can't accurately estimate how many unsuccessful attempts there are, but it's a substantial number — probably at least another 1.5 billion in the United States.)"

Certified Faxing

This week Graphnet, Inc. announced the addition of a new feature to its inbound fax-to-email service. The patent pending feature, called the Certified Inbound Fax Service (CIFS), ensures that incoming electronic fax messages are read in a timely manner. Allowing clients to specify a timeframe during which received faxes should be read, CIFS monitors such messages, so that if they are not opened within that period, duplicate messages will be sent to an alternate failsafe address. "This is revolutionary because, as far as I know, CIFS is the first feature of its kind that basically tracks when a fax email is opened and consequently undertakes a failsafe procedure when that message is not opened within a specified timeframe or if that message is not delivered properly," says Larry Cohen, Graphnet's product manager. "It's amazingly useful because electronic delivery of faxes is never guaranteed — sometimes a user's inbox is full and the fax bounces, sometimes the email program filters out the fax as spam, and sometimes the message gets blocked or experiences errors."

Inbound fax-to-email services work by linking a fax number with an email destination. All faxes sent to that specific number are converted into an email message by the service provider, who then transmits that message to the client's inbox. Graphnet believes the problem is that sometimes the email never gets to the client because of technical issues, such as the ones detailed above and notes that CIFS addresses these shortcomings by protecting this last link between the client's inbox and Graphnet's servers; immediately notifying Graphnet personnel if an error occurs in message transmission. The company says what makes CIFS unique, however, is not the procedure taken in the event of delivery errors, but rather the procedure taken when the received message is not opened on time.

MESSAGING NEWS CASE STUDY BRIEF:

Real World Solutions from People in the Trenches featuring Mimosa Systems and Chester County, Penn.

Chester County's government is headquartered in West Chester, a borough of 18,000 people just 25 miles west of Philadelphia. The county is administered by a board of commissioners charged with managing the large and varied governmental organizations. "We are determined to be ahead of the curve on all technology issues—especially e-Discovery," says Jim Ray, senior technology manager for Chester County. "We needed a way to seamlessly search through massive amounts of email for legal and HR. The legacy process took an exorbitant amount of time and IT resources because we had to crawl all our file systems. The county needed a solution that would address this issue and find the data in a more timely fashion for discovery requests to ensure that we could meet our legal requirements."

Chester County selected Mimosa Systems' next-generation Mimosa NearPoint software to ensure the retention, preservation, protection, and recovery of its vital email data. "We had multiple PST files everywhere. One-quarter of our file storage volume was being used by PST files, and that does not include PST's that were stored on local PCs and laptops," Ray explains. "With Mimosa, we can safely restrict mailbox size and automatically archive emails in a big electronic filing cabinet. We can improve performance, while ensuring that our data is always safe and discoverable."

==

We welcome your ideas and your news for Messaging Newswire’s News & Trends in Email Security. Let us know what you think by sending your comments to editorial@messagingnews.com. Written or compiled by Stephanie Jordan. All trademarks are the property of their respective owners.

For marketing information on this newsletter or other Messaging News products contact jvictor@messagingnews.com