Recently I explored a useful resource in the Intelligence Reports from MessageLabs, a company “founded in 1999 with a single purpose - to find a better way to stop the new breed of viruses that were harnessing
the power of Internet to spread rapidly and causing huge disruption to the business world.”
The Intelligence Reports are brief (3 to 22 pages) analyses of spam and virus prevalence with news articles summarizing significant
new developments in the periods they cover. These concise reports include excellent graphics and clear explanations of new malicious-software
and deception techniques, and will be particularly useful to security and network professionals preparing executive briefings,
as well as to researchers, writers and students. Today I’m pointing to some particularly interesting findings from the most recent
issues.
December 2007 Annual Security Report: "A year of storms, spam and socializing..."
The authors point to a growing wave of increasingly sophisticated social engineering techniques such as “targeted attacks…
aimed at C-level executives” and also exploitation of “social networking sites [and] corporate Web sites… to collect more
information on their targets before launching such attacks.”
Botnet usage and sophistication grew; the StormWorm gang controlled “almost two million compromised computers [and] was deemed
one of the largest of its kind.” Spam using attachments such as spreadsheets and MP3 sound files became a nuisance that
year.
“Whaling” (in contrast to phishing) attacks were identified as “highly targeted phishing-style attacks against senior executives
around the world across a range of organizations... The first major whaling attack in 2007 occurred on June 26 when MessageLabs
intercepted 512 e-mails with a Microsoft Word document attached, which contained an embedded spying trojan. All of the e-mails
targeted senior executives across a number of organizations in many countries. So precise were these attacks that the subject
line of the email included the recipient’s name and job title. The next significant wave appeared in September with MessageLabs
intercepting 1,100 individual e-mail attacks from the same criminal gang responsible for the June outburst. None of the e-mails
this time contained any text; the only content was an RTF attachment which contained the spying trojan. Unlike the earlier
June attack, where the name and job title of the victim was included within the subject line of the e-mail, this series of
attacks purported to be from an employment service regarding a prospective employee and included the target’s company name
within the subject line. Again, the e-mails were targeted towards C-level executives and senior management, including repeated
attacks at the same company through different C-level entry points.”