Threat forecast predicts more Storm, spam, phish

Share this article:
Variants of the Storm Worm are expected to emerge in the form of e-cards, just in time for Father's Day, according to a report released by MX Logic.

The company's June 2008 Threat Forecast also predicts a slight increase in overall spam levels and for spam and phishing schemes related to:
  • The China earthquake
  • Increased gas prices
  • Stimulus checks
According to the report, total spam volume is expected to remain high or increase slightly, even though May showed a 15 percent decline in overall spam volume. Historically, a decrease in overall spam volume is only brief and is typically followed by an increase.

Also, in addition to Storm variants, a recent CNN news spam observed in late May could be a prelude to a broader attack. This particular spam didn't contain anything malicious, which is often a tell-tale sign of a test run by spammers.

The MX Logic Threat Forecast and Report is published every month and is developed using current and historical data and trends, as well as expert analysis of realtime spam and virus events monitored and assessed by the 24x7 MX Logic Threat Operations Center.

However, this forecast is relatively conservative, Avivah Litan, vice president and distinguished analyst at Gartner Inc. told SCMagazineUS.com on Thursday.

“There is nothing really new here, but just a confirmation of several key trends,” she said.

According to Litan, those trends include Spam and phishing email volume that continues to rise, despite temporary declines such as seen with spam volume in May and  mutants of worms and other trojans that continue to be a looming and growing threat. And the market is far behind is fighting these attacks.

“There is strong pent-up demand for new behavior-based anti-malware technology, but good solutions are scarce,” Litan explained. “In the meantime, there is strong evidence that malware on end-user desktops is a rapidly growing attack vector for the criminals.”

Social engineering continues to be a major threat against all businesses and customers, and is especially problematic given existing business processes and day-to-day routines.

“There are solutions that can be put in place -- such as strong mutual federated authentication -- but they essentially require a major retooling and 'securitization' of our open internet infrastructure,” she added.




Share this article:

Sign up to our newsletters

More in News

Report: SQL injection a pervasive threat, behavioral analysis needed

Report: SQL injection a pervasive threat, behavioral analysis ...

Long lag times between detection and resolution and reliance on traditional methods impair an organization's ability to combat SQL injection attacks.

WhatsApp bug allows for interception of shared locations

Researchers identified a vulnerability in WhatsApp that could enable an attacker to intercept shared locations using a man-in-the-middle attack, or a rogue access point.

Google tweaks its terms of service for clarity on Gmail scanning

The company is currently dealing with a lawsuit that challenges its email scanning practices.