Massive rise in phishing attacks

The number of phishing attacks in May increased by 226 percent, according to a new report by IBM.

Publishling the figures in its Global Business Security Index, the company found that networks of compromised computers, known as botnets, were the main reason for the massive jump.

The study of 500,000 monitored systems and 2,700 security professional also recorded an increase in virus-infected emails. According to the figures, 30 percent of all emails are now infected with some form of virus, a figure up 33 percent from the previous month. The amount of spam leveled off at 68.7 percent of inbound email traffic over the last three months.

The company also identified a zombie network operating from compromised hosts at several educational institutions caused by an active exploitation of a Microsoft Library ASN.1 vulnerability. The company said it had contacted the organizations involved to fix the problem.

"Even a small disruption can have serious impact on business operations, and loss of data integrity or confidentiality can lose a customer base that took years to build," said Cal Slemp, vice president, security and privacy services, IBM Global Services.

A different survey by Fortinet found that trojans being spammed via botnets was an emerging new trend. Guillaume Lovet, EMEA Threat Response team leader at Fortinet said there were two main causes for this. First, spyware authors buy or rent botnets to "plant" their malware. The advantages of this was an almost guaranteed rate of success given the size of the seeding net. And second, mass-mailers use this seeding to spread more effectively.

"An obvious advantage is that only the trojan is going through the probable anti-virus engine integrated with the mail server," said Lovat. "And because simple downloaders have a very reduced set of features (and absolutely no replication feature), they are way less likely to get caught by modern anti-virus scanning strategies, such as heuristics or sandboxing."

He said there was a strong indication that more attacks of this nature would happen in the future.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.