Spam Attacks on the Rise in Q3

• By Jabulani Leffall
• 11/03/08

Identity thieves and hackers appear to be coming at Windows users from all fronts, most commonly with spam. They were particularly active during the third quarter of 2008, when they did it eight times more frequently than in the previous quarter, according to a report released Monday by Sophos.

The study found that one out of every 416 e-mails in Q3 contained bogus or malicious attachments. This is up significantly from the period between March and June, which tallied just one such e-mail for every 3,333.

"For Apple Mac and Unix lovers, these major spam attacks just mean a clogged-up inbox, not an infected operating system. But organized criminals are causing havoc for Windows users in the hunt for cold, hard cash," said Graham Cluley, senior technology consultant at Sophos, in an e-mail to Redmondmag.com.

It's hard to get a clear read on the number of successful attacks because enterprises don't want to tip their hand and embarrassed users aren't exactly chomping at the bit to report these occurrences. But the Sophos report can't simply be dismissed as an aberration or a marketing tool for anti-virus software; a separate report, also released Monday, appears to confirm the pattern of spam growth.

Enterprise gateway security firm Secure Computing Corp.'s Q3 2008 Internet Threats Report found that spam volumes returned to record highs in the quarter with "fairly steady monthly increases throughout the summer." Over 5,000 new zombies were created every hour, according to Secure Computing's report. Among the most common attacks were the Agent-HNY Trojan, which was responsible for more than 25 percent of all e-mail attachment malware in the quarter.

The EncPk-CZ Trojan is another example of the type of spam that seeps into inboxes (one such malicious virus came disguised as a Microsoft security patch). The Sophos report stated that EncPK strains accounted for 12 percent of all the disclosed e-mail-borne bugs over the past three months.

As for Secure Computing's study, the company said the increase in the spam it tracked was due to malicious e-mails with the subject line "Your bank has failed," "Breaking News," "Delivery Status Notification" or "Election scoop" -- with the latter invariably mentioning the name "Obama." It turns out that 80 percent of election-related spam currently bears the Democratic presidential nominee's name. Secure Computing's TrustedSource Labs estimates the number of worldwide U.S. election-related spam e-mails at approximately 100 million messages per day.

Meanwhile, Sophos' Cluley said that hackers count on end users to "click without thinking, thus exposing themselves to hackers hell-bent on gaining access to confidential information and raiding bank accounts."