HeaderLine
Home ›› Company ›› Products ›› Solutions ›› Partners ›› News & Events ›› Press Releases

Spammers Switch to Compromised Accounts to Reduce Reliance on Botnets, Says Commtouch Report

Sunnyvale, Calif. – July 12, 2011 – Spammers today favor compromised accounts for sending spam, gradually shifting distribution away from botnets, Commtouch® (Nasdaq: CTCH) reported today in its quarterly Internet Threats Trend Report, which covers Web threats, phishing, malware, and spam. The changed tactic has emerged as spam levels dropped dramatically, following several high-profile botnet takedowns.

“Spammers are trying to out-maneuver IP-based spam blocking techniques as well as law enforcement that have both effectively targeted botnets,” said Amir Lev, Commtouch’s chief technology officer. “They are now using a combination of malware and phishing to compromise legitimate accounts and then using these accounts to send low-volume spam outbreaks.”

On the Web security front, Facebook continued to be abused for attacks as more and more consumers expand their use of the social network.  Facebook malware tricked users by promising applications that reveal who was viewing their profiles as well as Osama Bin Laden death videos. 

Other malware distribution tactics used during the quarter included:

  • Phony IRS “rejected payment” emails.
  • Fake iPhone 5 notifications.
  • SEO poisoning.
  • Malicious scripts within Adobe PDF files.

Additional highlights from the July 2011 Trend Report include:

  • Spam levels averaged 113 billion spam/phishing messages per day during Q2, the lowest in three years.
  • Approximately 377,000 zombies were activated daily during Q2, a significant increase compared to the 258,000 zombies in Q1.
  • The most popular spam topic in Q2 was pharmacy ads, although these now represent only 24% of all spam, down from 28% in Q1.
  • India keeps its title as the country with the most zombies – 17% of all zombies worldwide.
  • Websites featuring pornography and sexually explicit material were the most likely to contain malware.

Commtouch’s quarterly trend report reflects the results of its analysis of billions of Internet transactions daily within the company’s cloud-based GlobalView™ Network.
Commtouch’s Recurrent Pattern Detection™, GlobalView technologies and multi-layered Command Antivirus® identify and block Internet security threats.  More details, including samples and statistics, and a brief presentation summarizing the report are available at: http://www.commtouch.com/threat-report-July-2011.

NOTE: Reported global spam levels are based on Internet email traffic as measured from unfiltered data streams, not including internal corporate traffic. Therefore global spam levels will differ from the quantities reaching end user inboxes, due to several possible layers of filtering.

About Commtouch
Commtouch® (NASDAQ: CTCH) safeguards the world’s leading security companies and service providers with cloud-based Internet security services. A cloud-security pioneer, Commtouch’s real-time threat intelligence from its GlobalView™ Network powers Web security, messaging security and antivirus solutions, protecting thousands of organizations and hundreds of millions of users worldwide.
Stay abreast of the latest news at the Commtouch Café:
http://blog.commtouch.com. For more information about enhancing security offerings with Commtouch technology, see http://www.commtouch.com or write to info@commtouch.com.

Recurrent Pattern Detection, RPD, Zero-Hour and GlobalView are trademarks, and Commtouch, Authentium, Command Antivirus and Command Anti-malware are registered trademarks, of Commtouch. U.S. Patent No. 6,330,590 is owned by Commtouch.

Commtouch Contact
Amy Kenigsberg
US: 1-913-440-4072
Int'l: +972-9-794-1681
amyk@commtouch.com