In The Mail March2010 English


Published on

Highlights from this edition:

• 3.5 billion messages processed
• 10% of classified Web links within email were malicious
• 83.4% of all email was spam
• 93.7% of spam included an embedded URL
• 0.4% of spam emails where phishing attacks
• 1.1 million instances of 85 unique zero-day threats stopped by ThreatSeeker before AV
• 26% average daily threats protected using ThreatSeeker
• 99.5% spam detection rate
• 1 in 327,083 false positive rate

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

In The Mail March2010 English

  1. 1. Ma rch 2 0 1 0 Volume 3, Issue 3 Monthly Websense Email Security Threat Brief Top 10 Classifications of URLs in Email Top 10 ThreatSeekerTM Malware Discoveries & Closed Window of Exposure Instances AV Exposure Window Tech 1,000,000 60 Other 18% 100,000 28% Instances Hours 10,000 40 1,000 Malicious 100 20 10% 10 Social Shopping 1 0 Networks 5% 5% Financial Business 4% 8% Forums Storage Search 3% 15% 4% Figure 1: Embedded URLs in Email Figure 2: First to Detect Understanding how Web URLs in Email are classified Because of the ThreatSeekerTM Network, our Email Security customers are protected is crucial to stopping converged threats hours, and often days, before other security vendors provide a solution. KEY STATS Spammer Scare Tactics Monthly Email Trends from the Security Labs Threats “in the mail” this month:  3.5 billion messages processed by the Hosted Infrastructure (over 112 million per day) This past month has seen some diversification of social  83.4% of all email was spam engineering in malicious spam. Spammers have abused big  93.7% of spam included an embedded URL brand names to entice possible victims into clicking on URLs  1.1 million instances of 85 unique zero-day in messages. One such example we alerted on was an Apple threats stopped by ThreatSeeker before AV App Store campaign. With this campaign, spammers abused  0.4% of spam emails were phishing attacks the good reputation of legitimate sites to host their redirects. Compromised sites were linked in Apple App How Websense is addressing these threats: Store spam and would redirect to the final spam site  99.5% spam detection rate. Websense Hosted destination. In some cases there were even client side Email Security provides 99% spam detection Service Level Agreement. exploits hosted on the redirect sites! Spammers also tried to lure victims by sending fake Skype toolbars for Outlook.  Average false positive rate of 1 in 327,083  26% average daily threats protected using ThreatSeeker intelligence before AV signatures A couple of new and interesting spam cases included two were available countries and a big sporting event. Spammers used scare tactics as a lure for victims to open malicious ZIP What this means: attachments. The emails were spoofed to look as though  The threat landscape is dangerous and growing they were sent from official US intelligence agencies and more sophisticated. stated that North Korea had launched a missile at Japan.  Websense is on the forefront of finding these threats including the increasingly pervasive Riding on the PDF infection train, spammers also sent out blended threats. targeted attacks containing infectious PDF files. The attacks  Most importantly, Websense is ideally consisted of FIFA World Cup themed messages with a PDF positioned to address these threats with our attachment. These attachments were laced with exploits market-leading Web security expertise, which drives our leadership in protecting from intended to compromise the end user's computer. converged email & Web 2.0 threats.
  2. 2. Spam as a Percent of Inbound Email 95% Why Websense Email Security? 90% 85% - The Websense ThreatSeeker 80% Network provides the 75% intelligence to proactively 70% protect against spam and malware – far ahead of traditional anti-spam and anti- virus alone. Figure 3 - Percent of email that contains spam (Average 83.4%) While this figure fluctuates, this signifies that a very high percentage of incoming email is indeed spam. Without a strong email security solution, customers will experience bandwidth and storage capacity issues, - Today’s pervasive blended frustration, and a drain in productivity, not to mention exposure to significant security risk. threats are best matched by integration of best-in-class Websense Web security with email security for Essential Information Protection. Spam Detection Rate (Ave 99.5%) 100.0% 99.8% 99.6% 99.4% 99.2% 99.0% Figure 4 - Percent of spam detected (Average 99.5%) This is evidence that we are consistently maintaining a very high spam detection rate. Customers should be very confident that with Websense they are receiving the best in anti-spam protection. False Positive Rate (1 in 327,083) 2,500,000 250,000 25,000 2,500 Figure 5 - False Positive Rate (Average 1 in 327,083) This shows how Websense is consistently maintaining a very low false positive rate. While Websense is catching a high percentage of spam, customers are rarely inhibited by messages falsely landing in a spam queue.