Virus and phishing attacks soar in September

Virus and phishing attacks soar in September


Second surge of email attacks targeted at executives

Security experts have warned that virus and phishing levels have increased significantly, reaching levels not seen since early 2006.

The MessageLabs Intelligence (PDF) report for September also highlights a second wave of increasingly sophisticated email attacks targeted at executive-level and senior management.

MessageLabs estimates that, on average, there is now a virus threat incorporated within every 48 emails.

Cyber-criminals are steering away from using the more obvious attachment method of distribution, and favouring the use of links to malicious websites hosting malware code.

This technique, which increased in popularity by approximately 15 per cent this quarter, allows cyber-criminals to use social engineering attacks such as e-cards.

Contrary to the recent findings in a report by F-Secure, MessageLabs has seen the volume of phishing threats surge this month with one in every 87 emails hosting a phishing attack.

The report attributes this to the increased availability of phishing kits, and new techniques such as 'rock' phishing which enables a single compromised computer within a botnet to host multiple phishing sites at the same time.

"The start of the new school year seemed to bring back an increase in old-school threats in high volumes," said Mark Sunner, chief security analyst at MessageLabs.

"With email more ubiquitous than the telephone, and one in 48 emails containing a virus, most people are unwittingly receiving more than one virus a day.

"As we enter the last quarter of 2007 and draw closer to the holiday season, the bad guys will be able to disguise their attacks through the increase in genuine well-wishing emails and the anticipated upsurge in online shopping."

MessageLabs also believes that the rise of comprised machines through aggressive botnet activity will further increase spam levels.

The September threat figures have also shown that highly targeted methods are still rife.

MessageLabs saw more than 1,100 senior management executives targeted in an attack on 12 September, thought to be by the same perpetrators of a similar assault on 26 June.

The sophisticated emails purport to be from a recruitment company and use a Microsoft error message to persuade the victims to click on the RTF attachment.

The RTF file contains an executable which drops two files onto the computer which in turn will be used to pass sensitive information back to the attacker.

Paul Wood, a senior analyst at MessageLabs, said that the increase in highly targeted attacks was "particularly worrying as the methods used and the small scale of the attacks made them very difficult to detect".

He added that alternative educational tools such as the Anti-Phishing Phil game designed by a team at Carnegie Mellon University are a great idea as technology, no matter how advanced, will only ever provide some level of protection.

"Users need to have a level of education, support and knowledge to effectively deal with security," said Wood.