1 | Trend Report Overview Real Security. In Real Time.Internet ThreatsTrend ReportApril 2013
2 | Trend Report Overview Real Security. In Real Time.The following is a condensed versionof the April 2013 CommtouchInter...
Spam Trends
4 | Trend Report Overview Real Security. In Real Time. Average 97.4 billion spam emails sent worldwide each day In March...
5 | Trend Report Overview Real Security. In Real Time. Spammers usecurrent news topicsof the day to lurerecipients intoop...
6 | Trend Report Overview Real Security. In Real Time. Re-emergence of pump and dump or penny stock spam• 43% in Q1 (par...
7 | Trend Report Overview Real Security. In Real Time.Origins of spam
Zombie Trends
9 | Trend Report Overview Real Security. In Real Time. Not related to spam zombie levels• Daily levels were basically con...
10 | Trend Report Overview Real Security. In Real Time. India still hosts over 12% of the world’s spam sendingzombies• Zo...
Malware Trends
12 | Trend Report Overview Real Security. In Real Time. Q1 average: 973 million malware emails sent each day• In March, v...
13 | Trend Report Overview Real Security. In Real Time. Single link emails sent from the compromised Yahooaccounts Links...
14 | Trend Report Overview Real Security. In Real Time. Android visitors sent tomalware download page Commtouch’s Antivi...
Web Security Trends
16 | Trend Report Overview Real Security. In Real Time. The first quarter of 2013 saw extensive use made of theBlackhole ...
17 | Trend Report Overview Real Security. In Real Time. A range of emails were used to drive recipients to Blackholehosti...
18 | Trend Report Overview Real Security. In Real Time.Rank Category Rank Category1 Education 6 Health & Medicine2 Busines...
19 | Trend Report Overview Real Security. In Real Time.Rank Category Rank Category1 Free Web Pages Portals 6 Shopping2 Edu...
Further Info
21 | Trend Report Overview Real Security. In Real Time.You can download the complete report athttp://www.commtouch.com/thr...
22 | Trend Report Overview Real Security. In Real Time.For more information contact:sales@commtouch.com888 974 5805 (Ameri...
Upcoming SlideShare
Loading in …5
×

Commtouch april 2013 internet threats trend report

2,592 views

Published on

Commtouch’s quarterly Internet Threats Trend Report covers Web threats, phishing, malware, and spam. The first quarter of 2013 saw significant growth in unwanted and dangerous emails with a significant spike in levels occurring in March. The spike affected spam and phishing as well as malware emails. Pump and dump spam made a massive comeback. Spammers and particularly malware senders increasingly exploited current news events in their campaigns. In Web security, the first quarter of 2013 saw extensive use made of the Blackhole exploit kit.

Published in: Technology, News & Politics
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
2,592
On SlideShare
0
From Embeds
0
Number of Embeds
1,773
Actions
Shares
0
Downloads
12
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Commtouch april 2013 internet threats trend report

  1. 1. 1 | Trend Report Overview Real Security. In Real Time.Internet ThreatsTrend ReportApril 2013
  2. 2. 2 | Trend Report Overview Real Security. In Real Time.The following is a condensed versionof the April 2013 CommtouchInternet Threats Trend ReportYou can download the complete report athttp://www.commtouch.com/threat-report-april-2013Copyright© 2013 Commtouch Software Ltd. Recurrent Pattern Detection, RPD, Zero-Hour and GlobalVieware trademarks, and Commtouch, Authentium, Command Antivirus and Command Anti-malware areregistered trademarks, of Commtouch. U.S. Patent No. 6,330,590 is owned by Commtouch.April 2013 Threat Report
  3. 3. Spam Trends
  4. 4. 4 | Trend Report Overview Real Security. In Real Time. Average 97.4 billion spam emails sent worldwide each day In March average rose to 117.8 billion• March: 78.1 percent of all email were spam, a significant increasefrom January when the spam share was as low as 60 percentSpam levels
  5. 5. 5 | Trend Report Overview Real Security. In Real Time. Spammers usecurrent news topicsof the day to lurerecipients intoopening messages orclicking on links• Examples: New Popeelection, Cyprusfinancial crisisEvent related spam
  6. 6. 6 | Trend Report Overview Real Security. In Real Time. Re-emergence of pump and dump or penny stock spam• 43% in Q1 (part of “other” category)Spam Topics
  7. 7. 7 | Trend Report Overview Real Security. In Real Time.Origins of spam
  8. 8. Zombie Trends
  9. 9. 9 | Trend Report Overview Real Security. In Real Time. Not related to spam zombie levels• Daily levels were basically constant during the attacks• Reports suggested that the attack was the work of one or moreorganizations who resented their inclusion in one or more of theSpamhaus blocklistsSpamhaus DDoS attack
  10. 10. 10 | Trend Report Overview Real Security. In Real Time. India still hosts over 12% of the world’s spam sendingzombies• Zombie distribution was dominated by Asia (the top three and fiveout of the top ten), South America (three) and Eastern Europe (two).Zombie Hotspots
  11. 11. Malware Trends
  12. 12. 12 | Trend Report Overview Real Security. In Real Time. Q1 average: 973 million malware emails sent each day• In March, volume rose by 75.1 percent compared to February More localized email-malware campaigns• Eg: Zalando, hotel.de, flugladen.deEmail-attached-malware levels
  13. 13. 13 | Trend Report Overview Real Security. In Real Time. Single link emails sent from the compromised Yahooaccounts Links lead to compromised websites which redirect to“distribution sites” Distribution sites direct the visitor based on the browser type PC visitors sent to diet scam pagesAndroid targeted attacks (1)
  14. 14. 14 | Trend Report Overview Real Security. In Real Time. Android visitors sent tomalware download page Commtouch’s Antivirusdetects malware:AndroidOS/NotCom.A• Acts as a proxy so it’sable to transmit andreceive network datathrough the infectedandroid device. Thismeans it can steal allkinds of sensitive datasent or received throughthe device networkconnectionAndroid targeted attacks (2)
  15. 15. Web Security Trends
  16. 16. 16 | Trend Report Overview Real Security. In Real Time. The first quarter of 2013 saw extensive use made of theBlackhole exploit kit.• The JavaScript on the page scans the visiting system to determinethe versions of popular and operating system software such asAdobe Flash, Adobe Reader, Java, Windows, and browsers.• Once the kit has determined that there is vulnerability – forexample, in an older version of Adobe Flash found on the visitingsystem – the relevant exploit is loaded allowing the controller to gaina foothold on the infected system.• Finally the Blackhole controller, having gained control of thevisitor, can now deliver further malicious content. This could includea wide range of badware such as fake AV, ransomware, or loggingsoftware to steal banking and Web credentials.Blackhole exploit kit (1)
  17. 17. 17 | Trend Report Overview Real Security. In Real Time. A range of emails were used to drive recipients to Blackholehosting sitesBlackhole exploit kit (2)
  18. 18. 18 | Trend Report Overview Real Security. In Real Time.Rank Category Rank Category1 Education 6 Health & Medicine2 Business 7 Transportation3 Travel 8 Leisure & Recreation4 Sports 9Pornography/Sexuallyexplicit5 Entertainment 10 Free Web Pages Analysis of which categories of legitimate Web sites weremost likely to be hiding malware pages (usually without theknowledge of the site owner) Education category on top againWeb categories: malware
  19. 19. 19 | Trend Report Overview Real Security. In Real Time.Rank Category Rank Category1 Free Web Pages Portals 6 Shopping2 Education 7 Travel3 Computers & Technology 8 Real Estate4 Business 9 Streaming Media5 Sports 10 Health & Medicine Analysis of which categories of legitimate Web sites weremost likely to be hiding phishing pages (usually without theknowledge of the site owner) Portals (offering free website hosting) remained at thehighest positionWeb categories: phishing
  20. 20. Further Info
  21. 21. 21 | Trend Report Overview Real Security. In Real Time.You can download the complete report athttp://www.commtouch.com/threat-report-april-2013
  22. 22. 22 | Trend Report Overview Real Security. In Real Time.For more information contact:sales@commtouch.com888 974 5805 (Americas)+49 30 5200 560 (EMEA)+972 9 863 6888 (APAC)Web: www.commtouch.comBlog: http://blog.commtouch.com

×