Cyberoam, a division of Elitecore Technologies and the leading innovator of Unified Threat Management PLUS (UTM+) solutions, today announced that its Q1 2008 email threat trend report, prepared in collaboration with partner Commtouch, revealed that malware distributors and spammers are now hiding their unwanted messages within legitimate-appearing Websites and messages.
These tactics include pharma spam camouflaged as Hotmail welcome letters, blogspot redirects to malware sites, hidden malware sites in search result URLs, hosted spam images on Flickr accounts and spear-phishing scams using Google and Yahoo! Calendar standards. All of these methods deploy social and psychological engineering strategies to take advantage of user trust and behavior. On average, more than 350,000 zombies were newly activated each day to facilitate this activity.
Social engineering approaches targeting user behavior patterns had also seen a steep rise during Q4 2007, where spammers launched attacks deploying easy cash and discounted gift scams. Existing security solutions have been unable to block the new formats, resulting in an alarming rise in spam levels reaching 94% of all email at its peak to date in 2008.
During this period, spam and malware writers leveraged current affairs to keep their messages relevant. When the U.S. Federal Reserve cut interest rates in late January in response to the mortgage crisis, millions of U.S. mortgages became eligible for refinancing.
Spammers capitalized and pumped out immense quantities of mortgage refinancing spam, which jumped from 2% to 10% of all spam in this quarter. Consequently, the rise in mortgage spam delayed or prevented email correspondence between banks and their customers as technologies could not differentiate between valid mortgage-related mail and the spam.
The report also revealed that holidays continued to be a vehicle for spam, with outbreaks in honor of Valentine's Day, St. Patrick's Day and April Fool's Day. Most anti-spam solutions were ineffective, as blocking emails leveraging holiday-themed keywords often resulted in false positives.
Cyberoam provides a multi-layered defense against such attacks. A Commtouch RPD™-based anti-spam engine filters all mail. Cyberoam also features content filtering protection by adding URLs in custom categories to block the spread of the threat. Additionally, Cyberoam features antivirus protection to block malware downloads.
"The latest email threats, as revealed and described in the report, clearly indicate that spammers are able to create a false sense of trust among their targets by leveraging legitimate resources," said Joshua Block, Vice President of North American Operations for Cyberoam.
"Spam becomes more elusive as techniques continue to evolve, so it is imperative that organizations deploy a multi-layered defense to prevent any intrusion. Through our unique identity-based policies, along with Commtouch's Rapid Pattern Detection and outbreak prevention technologies, Cyberoam is well-positioned to offer end users the deepest and most comprehensive level of protection."
Cyberoam uses the Commtouch RPD technology to analyze large volumes of Internet traffic in real-time. Unlike traditional spam filters, it does not rely on email content, so it is able to detect spam in any language and in every message format (including images, HTML, etc.), non-English characters, single and double byte, etc. Its language and content agnostic nature enables it to provide effective spam blocking capabilities.
Cyberoam incorporates this technology within its UTM+ appliances, which deploy identity-based functionality across all of its features. A departure from traditional IP address-dependent solutions, Cyberoam determines precisely who is doing what in the network, providing IT managers with stronger policy control and clearer visibility of activity.
Click here to read the full report on Q1 2008 Email Threat Trends
About Cyberoam
Cyberoam UTM+ appliances offer comprehensive protection against existing and emerging Internet threats, including viruses, worms, Trojans, spyware, phishing, pharming and more. C
yberoam identity-based solutions provide the complete range of security features expected in a traditional UTM platform such as stateful inspection firewall, VPN, gateway anti-virus, gateway anti-malware, gateway anti-spam, intrusion detection and prevention, content filtering, but also includes Identity-based Network Access Control (NAC) in addition to Total Bandwidth Management (TBM) and Multiple Link Management over a single platform.
Cyberoam solutions are certified by the West Coast Labs with CheckMark UTM Level 5 Certification, ICSA Labs, an independent division of Verizon Business, and the Virtual Private Network Consortium. Cyberoam has also received the 2007 Global Excellence Awards for Integrated Security Appliance, Security Solution for Education and Unified Security, and the 2007 Tomorrow's Technology Today Award for Unified Security. Cyberoam has offices in the Woburn, Mass., India and Asia-Pacific. For more information, please visit http://www.cyberoam.com |
