21 Dec 2006, Robert Jaques, V3
2006 has been characterised by a "relentless escalation" of spam activity throughout the year as annual average levels of unsolicited junk email reached 86.2 per cent, security watchers have estimated.
According to the 2006 Annual MessageLabs Intelligence Report, this hike in spam volumes has been driven largely by new targeted techniques and an increase in the sophistication of botnets.
The report adds that adoption of new levels of ingenuity has changed the focus of the threat landscape significantly, with spam overtaking viruses as the dominant menace over the past 12 months, a trend which is predicted to continue through 2007.
The study noted that corporate and industrial espionage attacks are also on the rise through targeted Trojans intended to steal intellectual property and confidential information.
MessageLabs reports intercepting two attacks per day, compared to a much lower rate of one per week at the same point in 2005.
The targeted approach is prevalent in phishing attacks too, an increasingly dominant force in all malicious emails intercepted by MessageLabs, with levels rising from 10.6 per cent in January to 68.8 per cent in December.
A key component in the success of these highly targeted attacks, according to MessageLabs, is the distribution of spyware and adware which has grown into a multibillion dollar industry and fuelled an increase in the number of botnets.
Botnets have the ability to retrieve information such as usernames, passwords, credit card numbers and other personal data stored in the web browser's auto-fill database.
MessageLabs analysts saw an increased number of bad guys renting up to 2,000 bots for just $50-$60 a week, with the option of trading payment for stolen credit card numbers. This trend is likely to continue in 2007.
"2006 was the year that spammers took the security industry by storm and showcased their new tactics and techniques for mass disruption," said Mark Sunner, chief technology officer at MessageLabs.
"Now accounting for almost nine out of 10 emails, spam has categorically shed its title of being a nuisance and is a perilous threat which all companies need to be protected against.
"The next year will certainly bring more targeted and sophisticated attacks as the bad guys continue to sharpen their tools. Companies need to take a layered and proactive approach by fighting cyber-criminals from 'the cloud' at the internet level."
With the exception of the Nyxem.E virus in January, no major virus outbreaks took place this year.
MessageLabs intercepted more than four million copies of the virus during the first week of the outbreak. The annual average virus rate in 2006 was one in 67.9, a significant drop from one in 36.2 in 2005.
In contrast, phishing attacks grew this year to account for one in every 274.2 emails. Phishing attacks accounted for 24.8 per cent of all malicious emails intercepted by MessageLabs in 2006, rising from 10.6 per cent in January to 68.6 per cent by the end of the year.
This is an increase from only 13.1 per cent in 2005, marking a huge shift in cyber-criminal activity.
Israel was identified by MessageLabs as having the highest average spam rate overall for 2006 with 73.2 per cent, a position held jointly by the US and Canada in 2005.
Australia (48.1 per cent), Hong Kong (71.7 per cent) and Singapore (50.7 per cent) all saw the greatest increases in spam rates year on year.
MessageLabs analysts pointed to increasingly aggressive attacks in these regions to account for the dramatic increases over the past 12 months. Virus levels in all countries declined in 2006 compared to 2005.
MessageLabs predicts that 2007 will be the year of convergence between spam, viruses and spyware and also across business communication protocols, a trend that started to appear in 2006.
Instant messaging threats are expected to become more aggressive as more IM ecosystems open their networks to each other in 2007, like Yahoo and MSN did in 2006.
Attacks against social networking sites such as MySpace and professional sites like LinkedIn and Plaxo are expected to continue due to useful and accessible contact information and user interests, making it easier to launch targeted attacks.