Spam a lot worse in 2006

2006 has been categorised by a "relentless escalation" of spam activity throughout the year as annual average levels of unsolicited junk email reached 86.2 per cent, security watchers have estimated.

According to the 2006 Annual MessageLabs Intelligence Report, this hike in spam volumes has been driven largely by new targeted techniques and an increase in the sophistication of botnets.

The report adds that adoption of new levels of ingenuity has changed the focus of the threat landscape significantly, with spam overtaking viruses as the dominant menace over the past 12 months, a trend which is predicted to continue through 2007.

The study noted that corporate and industrial espionage attacks are also on the rise through targeted Trojans intended to steal intellectual property and confidential information.

MessageLabs reports intercepting two attacks per day, compared to a much lower rate of one per week at the same point in 2005.

The targeted approach is prevalent in phishing attacks too, an increasingly dominant force in all malicious emails intercepted by MessageLabs, with levels rising from 10.6 per cent in January to 68.8 per cent in December.

A key component in the success of these highly targeted attacks, according to MessageLabs, is the distribution of spyware and adware which has grown into a multibillion dollar industry and fuelled an increase in the number of botnets.

Botnets have the ability to retrieve information such as usernames, passwords, credit card numbers and other personal data stored in the web browser's auto-fill database.

MessageLabs analysts saw an increased number of bad guys renting up to 2,000 bots for just $50-$60 a week, with the option of trading payment for stolen credit card numbers. This trend is likely to continue in 2007.

"2006 was the year that spammers took the security industry by storm and sho wcased their new tactics and techniques for mass disruption," said Mark Sunner, chief technology officer at MessageLabs.

"Now accounting for almost nine out of 10 emails, spam has categorically shed its title of being a nuisance and is a perilous threat which all companies need to be protected against.

"The next year will certainly bring more targeted and sophisticated attacks as the bad guys continue to sharpen their tools. Companies need to take a layered and proactive approach by fighting cyber-criminals from 'the cloud' at the internet level."