Research

Numbers: Spam Increases 100 Percent, Gets 'Dirty' in 2007

IronPort study predicts even more collaborative, adaptive "social malware" will appear in 2008

By Katherine Walsh

December 13, 2007 — CSO — Not only is the volume of spam and malware increasing, but the attacks also are ever more targeted and sophisticated, according to e-mail security provider IronPort’s 2008 Internet Security Report. Highlights from the study include:

*    Spam volume increased 100 percent, to more than 120 billion spam messages per day in 2007. Enterprise users get between 100 and 1,000 spam messages per day.

*    Spam attacks have moved beyond their attempts to lure victims with pharmaceuticals and low interest mortgages. Today’s spam increasingly contains links that point to websites that distribute malware (which extends the size of the botnet that originated the spam). 2007 saw a 253 percent increase in such spam, known as “dirty spam.”

*    Viruses are less visible but increasing in number.  In 2007, they were more polymorphic and more likely to be associated with sophisticated botnets like "Storm."

*    The duration of specific attack techniques has decreased. In 2006, image spam was the primary new technique. But 2007 saw more than 20 different attachment types, such as MP3 and PDF spam, that were used in a variety of short-lived attack techniques.

IronPort predicts that 2008 will be the "year of social malware." Today’s malware, like the "Storm" Trojan, is collaborative, peer-to-peer and adaptive, borrowing characteristics from social networking sites associated with Web 2.0. New variants of Trojans and malware will be increasingly targeted and harder to detect.

Associate Staff Writer Katherine Walsh can be reached at kwalsh@cxo.com.

Other stories by Katherine Walsh

• Email
• Print
• Comments
• Digg This
• SlashDot