Email Threat Down: Web Threat Up
Email Threat Down: Web Threat Up
July 27, 2007: Email users may be relieved to find out that overall spam levels in the first half of 2007 are down, yet also cautioned to beware of more malicious attacks spread via the Web.
Both Marshal and Sophos released six month security reports this week, presenting good news on the slow-down of image spam alongside phishing related attacks, yet some emerging surprises on overall Web security, especially when it comes to malicious code finding its way to a server.
“It you’re an administrator and you’re of the mind that anti-virus protection is really something for PCs, you really also need to up the protection on servers,” says Paul Duck, the Asia Pacific head of technology for Sophos. “You really need to consider real-time file checkers, even on Linux and receive instant notification when somebody has put malicious code on the server.”
Sophos finds that in the first half of 2007, Web based attacks have taken over email as the preferred vehicle of attack for the financially motivated cybercriminals. In June alone, Sophos says it recovered around 29,700 new infected webpages every day – a stark contrast to the average 5,000 it was detected earlier on in the year.
Duck also urged organisations to consider the impact of employees installing what is in many cases legitimate and seemingly innocent file-sharing software. “People with the ebst security in the world can all of the sudden have employees installing some form of file sharing software and find they run into some problems,” he says. “Our software which was previously designed to block viruses, can now be used to block legitimate software.”
Another emerging security concern exists in the use of removable drives including anything with a removable drive like cameras, mobile phones, MP3 platers and standard USB sticks. “In the old days viruses were spread via floppy disks, the problem being the disk still worked but the data on the disk would cause the trouble,” says Duck. “That’s back with a vengeance, this time using removable, USB drives.”
On the email front, an PDF spam, containing attached PDFs with embedded advertisements is causing concern and plaguing inboxes across the globe. According to Bradley Anstis, director of product development at Marshal, the spike in PDF spam is similar to a short, sharp spike of spam containing attached word documents, detected by Marshal last year. “It was a sharp burst, but luckily a lot of these spam filters including are own are able to look in side these word documents,” says Anstis.
“PDF spam has been more successful, because not too many spam products actually incorporate PDF,” continues Anstis. “It’s also easier for the spammers to send as the file sizes are actually smaller, say if you have a word document that’s 100 kb, it’ll end up being more like 25 kb as a PDF.
On phishing both Duck and Anstis are pleased that finally the message appears to have gotten through to email users. “Phishing is on the decline, clearly it’s not as successful as it used to be,” says Anstis. “Firstly, users are not as gullible and surprisingly, law enforcement is starting to have an effect.”
However Duck warns we’re in the midst of an ‘arms race.’ “Experience suggests as people get used to one form of email, then the bad guys will go and try and find something new,” he says. “The problem is guessing which file types they’re going to use next.”