InTheMailDec09

  • 315 views
Uploaded on

 

More in: Technology , Business
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
315
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
0
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Decemember 2009 Volume 2, Issue 12 Monthly Websense Email Security Threat Brief Top 10 Classifications of URLs in Email Top 10 ThreatSeekerTM Malware Discoveries & Closed Window of Exposure Instances AV Exposure Window 100,000 180 Tech 160 Other 10,000 140 17% Instances 29% Hours 120 1,000 100 100 80 60 Malicious 10 40 14% 20 Social 1 0 Networks 5% Shopping 6% Business Financial 8% Storage Search Forums 5% 7% 5% 4% Figure 1: Embedded URLs in Email Figure 2: First to Detect Understanding how Web URLs in Email are classified Because of the ThreatSeekerTM Network, our Email Security customers are protected is crucial to stopping converged threats hours, and often days, before other security vendors provide a solution. KEY STATS Social Spamineering Monthly Email Trends from the Security Labs Threats “in the mail” this month:  3.2 billion messages processed by the Hosted Infrastructure (over 103 million per day) December brought several major attacks in which hackers built their social-engineering campaigns around two main themes –  86.8% of all email was spam 1) the H1N1 scare, and 2) Facebook Password resets.  91.4% of spam included an embedded URL  55 thousand instances of 22 unique zero-day In the first tactic, spammer sent emails masquerading as the threats stopped by ThreatSeeker before AV CDC (Center for Disease Control), calling recipients to  2.9% of spam emails were phishing attacks "follow this link" for a "vaccination profile". The link leads to How Websense is addressing these threats: a fake CDC Web site where visitors may be infected. The  99.7% spam detection rate. Websense Hosted email subject line changes: variations include Email Security provides 99% spam detection "Governmental registration program on the H1N1 Service Level Agreement. vaccination" and "Your personal vaccination profile".  Average false positive rate of 1 in 577,618  1% average daily threats protected using The second tactic was an email purporting to be from ThreatSeeker intelligence before AV signatures Facebook with a malware attachment. The email claims that were available the recipient's Facebook password has been reset for security reasons and that the recipient should open the What this means: attachment to find the new password. As a matter of  The threat landscape is dangerous and growing more sophisticated. course, nobody should ever open an attachment to get a  Websense is on the forefront of finding these new password, yet these attacks often succeed. Victims threats including the increasingly pervasive would find themselves infected with the Bredolab Trojan blended threats. Downloader.  Most importantly, Websense is ideally positioned to address these threats with our Can people tell the difference between a real and fake Web market-leading Web security expertise, which site? A recent study discovered that about 45% of the time drives our leadership in protecting from converged email & Web 2.0 threats. people submit their information to a phishing site.
  • 2. Spam as a Percent of Inbound Email 95% Why Websense Email Security? 90% 85% - The Websense ThreatSeeker 80% Network provides the 75% intelligence to proactively 70% protect against spam and malware – far ahead of traditional anti-spam and anti- virus alone. Figure 3 - Percent of email that contains spam (Average 86.8%) While this figure fluctuates, this signifies that a very high percentage of incoming email is indeed spam. Without a strong email security solution, customers will experience bandwidth and storage capacity issues, - Today’s pervasive blended frustration, and a drain in productivity, not to mention exposure to significant security risk. threats are best matched by integration of best-in-class Websense Web security with email security for Essential Information Protection. Spam Detection Rate 100.0% 99.8% 99.6% 99.4% 99.2% 99.0% Figure 4 - Percent of spam detected (Average 99.7%) This is evidence that we are consistently maintaining a very high spam detection rate. Therefore, customers should be very confident that with Websense they are receiving the best in anti-spam protection. False Positive Rate (1 in X) 2,500,000 250,000 25,000 2,500 Figure 5 - False Positive Rate (Average 1 in 577,618) This shows how Websense is consistently maintaining a very low false positive rate. While Websense is catching a high percentage of spam, customers are rarely inhibited by messages falsely landing in a spam queue.