|
Ahmedabad
April 29, 2008
Cyberoam, a division of Elitecore Technologies announced that its Q1 2008
e-mail threat trend report, prepared in collaboration with partner Commtouch,
revealed that malware distributors and spammers are now hiding their unwanted
messages within legitimate-appearing websites and messages.
These tactics include pharma spam camouflaged as Hotmail welcome letters,
blogspot redirects to malware sites, hidden malware sites in search result URLs,
hosted spam images on Flickr accounts and spear-phishing scams using Google and
Yahoo! Calendar standards. All of these methods deploy social and psychological
engineering strategies to take advantage of user trust and behavior. On average,
more than 3,50,000 zombies were newly activated each day to facilitate this
activity.
Social engineering approaches targeting user behavior patterns had also seen
a steep rise during Q4 2007, where spammers launched attacks deploying easy cash
and discounted gift scams. Existing security solutions have been unable to block
the new formats, resulting in an alarming rise in spam levels reaching 94
percent of all e-mail at its peak to date in 2008.
During this period, spam and malware writers leveraged current affairs to
keep their messages relevant. When the US Federal Reserve cut interest rates in
late January in response to the mortgage crisis, millions of US mortgages became
eligible for refinancing. Spammers capitalized and pumped out immense quantities
of mortgage refinancing spam, which jumped from two to 10 percent of all spam in
this quarter. Consequently, the rise in mortgage spam delayed or prevented
e-mail correspondence between banks and their customers as technologies could
not differentiate between valid mortgage-related mail and the spam.
The report also revealed that holidays continued to be a vehicle for spam,
with outbreaks in honor of Valentine's Day, St Patrick's Day and April Fool's
Day. Most anti-spam solutions were ineffective, as blocking e-mails leveraging
holiday-themed keywords often resulted in false positives.
Cyberoam provides a multi-layered defense against such attacks. A Commtouch
RPD-based anti-spam engine filters all mail. Cyberoam also features content
filtering protection by adding URLs in custom categories to block the spread of
the threat. Additionally, Cyberoam features anti-virus protection to block
malware downloads.
“The latest e-mail threats, as revealed and described in the report,
clearly indicate that spammers are able to create a false sense of trust among
their targets by leveraging legitimate resources,” said Digvijaysinh Chudasama,
VP-Sales, India, Cyberoam. “Spam becomes more elusive as techniques continue
to evolve, so it is imperative that organizations deploy a multi-layered defense
to prevent any intrusion. Through our unique identity-based policies, along with
Commtouch's rapid pattern detection and outbreak prevention technologies,
Cyberoam is well-positioned to offer end-users the deepest and most
comprehensive level of protection,” he added.
Cyberoam uses the Commtouch RPD technology to analyze large volumes of
Internet traffic in real-time. Unlike traditional spam filters, it does not rely
on e-mail content, so it is able to detect spam in any language and in every
message format (including images, HTML, etc), non-English characters, single and
double byte, etc. Its language and content agnostic nature enables it to provide
effective spam blocking capabilities. Page(s) 1
| 
