Tag Archives: World Cup

MessageLabs Intelligence Report – World Cup Captures 25 Percent of All Global Spam

Symantec Hosted Services, in its June 2010 MessageLabs Intelligence Report, reveals that 25 percent of current global spam is World Cup related. Here in North America, where Football (Soccer), has long struggled to get a foothold, I haven’t personally seen this type of Spam in my “spamtrap” email accounts.

But, (to paraphrase that old time bank robber, Willie Sutton) – you go where the money is. And, in this case, the current opportunity for spammers, and the money, is in Brazil – a fanatical Football nation.

According to MessageLabs Intelligence, they recently detected “45 targeted malware emails aimed at Brazilian companies, including those in the chemical, manufacturing and finance sectors. The attack used dual attack modes – a PDF attachment, and a malicious link to bypass traditional security measures.”

MessageLabs Intelligence Senior Analyst, Paul Wood, explained this spammer switch in focus – “Right now, spammers are reliant on the massive wave of excitement and expectation that typically surrounds an event like the FIFA World Cup.”

The spam landscape changes constantly, so we need to guard against complacency. Knowledge is power, and we as computer users need as much power as we can get in order to stay safe on the Internet. I encourage you to read the highlights of the just released MessageLabs Intelligence June report.

Report highlights:

Spam: In June 2010, the global ratio of spam in email traffic from new and previously unknown bad sources was 89.3 percent (1 in 1.12 emails), a decrease of 0.9 percentage points since May.

Viruses: The global ratio of email-borne viruses in email traffic from new and previously unknown bad sources was one in 276.4 emails (0.362 percent) in June, an decrease of 0.11 percentage points since May. In June 16.7 percent of email-borne malware contained links to malicious websites, a decrease of 5.9 percentage points since May.

Endpoint Threats: Malware may penetrate an organization in many ways, including drive-by attacks from compromised websites, Trojan horses and worms that spread by copying themselves to removable drives. Once again, this month the most frequently blocked malware for the last month was the Sality.AE virus, which spreads by infecting executable files and attempts to download potentially malicious files from the Internet.

Phishing: In June, phishing activity was 1 in 634.4 emails (0.158 percent) a decrease of 0.26 percentage points since May. When judged as a proportion of all email-borne threats such as viruses and Trojans, the proportion of phishing emails had decreased by 17.3 percentage points to 63.3 percent of all email-borne malware and phishing threats combined.

Web security: Analysis of web security activity shows that 30.3 percent of malicious domains blocked were new in May, a decrease of 1.5 percentage points since May. MessageLabs Intelligence also identified an average of 1,598 new websites per day harboring malware and other potentially unwanted programs such as spyware and adware, a decrease of 9.7 percent since May.

The June 2010 MessageLabs Intelligence Report provides greater detail on all of the trends and figures noted above, as well as more detailed geographical and vertical trends. The full report is available here.

About MessageLabs Intelligence:

Symantec’s MessageLabs Intelligence is a respected source of data and analysis for messaging security issues, trends and statistics. MessageLabs Intelligence provides a range of information on global security threats based on live data feeds from our control towers around the world scanning billions of messages each week.

About Symantec:

Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world.  Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available here.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

3 Comments

Filed under cybercrime, Don't Get Scammed, Don't Get Hacked, Email, Internet Security Alerts, MessageLabs, Safe Surfing, Symantec

FIFA World Cup Scammers Using Double Attack Mode Says Symantec Hosted Services

image If one is good, then two must be better, right? FIFA World Cup  scammers apparently believe this double whammy approach will be more successful in helping them overcoming security safeguards, and perhaps even a targeted victim’s reluctance to engage with malicious email.

According to Symantec Hosted Services’ MessageLabs Intelligence unit, they have intercepted “a run of 45 targeted malware emails in route to a number of Brazilian companies across industries”.

The MessageLabs Intelligence unit discovered the attack had been crafted using both an infected  PDF attachment, and a malicious web link. The outcome of this double barreled approach could mean, “even if the malicious PDF attachment is removed by an anti-virus gateway, the malicious link remains in the body of the email and may still be delivered to the recipient” stated Symantec.

As the tournament continues, don’t be surprised to see more World Cup-related spam and malware threats emerge.

You can learn more about World Cup-related spam here.

About MessageLabs Intelligence:

Symantec’s MessageLabs Intelligence is a respected source of data and analysis for messaging security issues, trends and statistics. MessageLabs Intelligence provides a range of information on global security threats based on live data feeds from our control towers around the world scanning billions of messages each week.

About Symantec:

Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world.  Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available here.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

9 Comments

Filed under cybercrime, Don't Get Scammed, Don't Get Hacked, email scams, internet scams, Internet Security Alerts, Malware Advisories, MessageLabs, spam, Symantec, Windows Tips and Tools

Cyber Criminals are Kicking Internet Users, and the World Cup

image I’m a huge fan of the World Cup, but I have to admit, I’m totally annoyed that France eliminated Ireland on an illegal hand ball earlier this year. I’m Irish, by cultural extraction, so I get to feel this way.

By allowing this tainted win to stand, FIFA did nothing to enhance the perception of fairness in the “beautiful” game.

But, I’m digressing – this article is supposed to be about how cyber crooks are capitalizing on the World Cup, and screwing Internet users in the process.

Aware internet users know, that if an event is newsworthy, cyber criminals will exploit it to their own advantage. It’s no surprise then, that cyber criminals have jumped on the World Cup, and are already exploiting this enormously significant event.

Cybercriminals are experts at exploiting our curiosity surrounding current events, and by focusing on this aspect of social engineering (using a shotgun approach), they are increasingly creating opportunities designed to drop malicious code on our computers. Most of this activity is designed to separate unwitting victims from their money.

Cybercriminals can be much more direct though, in their attempts to separate victims from their money. The bad guys are now using specifically targeted email attacks against high profile officials in inter-governmental organizations, world wide.

Symantec Hosted Services has just reported they “first intercepted a FIFA World Cup related attack at the end of March 2010”, and additional targeted attacks have been uncovered since then. The attack emails are crafted in such a way that recipients are encouraged to open an attached, malicious, World Cup match schedule.

According to Symantec, “should the recipient become lured in, an open excel file will drop an executable on the compromised PC, creating a “backdoor” that bypasses normal authentication, connecting to the hacker’s machine.”

The following graphic is illustrative of the type of emails used by these cyber criminals.

image

You can learn more about these targeted attacks online at the MessageLabs Intelligence blog.

Additional information in the blog report includes:

What type of file do targeted attacks use the most in their attachments?

How are legitimate websites used in targeted attacks?

What other targeted attacks have arisen during the World Cup?

How can targeted attacks be detected?

About MessageLabs Intelligence:

Symantec’s MessageLabs Intelligence is a respected source of data and analysis for messaging security issues, trends and statistics. MessageLabs Intelligence provides a range of information on global security threats based on live data feeds from our control towers around the world scanning billions of messages each week.

About Symantec:

Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world.  Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available here.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

7 Comments

Filed under cybercrime, Don't Get Scammed, Don't Get Hacked, Email, email scams, Internet Security Alerts, Malware Advisories, MessageLabs, Online Safety, spam, Symantec, Windows Tips and Tools