Application security

Sophos: U.S. still world’s spam leader; attackers warm to web threats

While the percentage of infected emails declined significantly last year, web-related threats rose significantly, reported researchers at Sophos this week.

Sophos also reported this week in its Security Threat Report 2007 that the United States continues to lead the world in spam production.

Ron O’Brien, senior security analyst at Sophos, told today that attackers are switching methods.

"There was a significant reduction in viral emails in 2006," he said. "That doesn’t mean that the threat has been diminished at all — what that means is that the threat is being delivered via the internet, specifically the web. This is a particular threat to networks because we’ve seen an increase of malware that is specifically written to steal information on networks."

While infected emails declined from one in 44 of all messages sent in 2005 to one in 337 last year, the volume of spam still has not diminished.

The U.S. is the top country in the world for relaying spam, according to Sophos, with 22 percent of spam messages originating or passing through here. Of all spam messages, the firm estimates that a whopping 90 percent are relayed from zombie computers.

But the real problem lies in web threats, O’Brien said. Particularly disconcerting are multiple downloading trojans which can be hidden on websites and uploaded onto unsuspecting users’ systems when they click on an infected link.

In January 2006, spyware-laden mail made up 50 percent of all infected mail, while emails with malicious links made up 40 percent. Over the course of last year those stats reversed. In December, mail with malicious links made up 51 percent of infected messages, and spyware was included in 42 percent of all email.

Click here to email West Coast Bureau Chief Ericka Chickowski.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.