Article

Angelina Jolie-inspired spam campaign signals disturbing network threats

Linda Tucci, Executive Editor
Barack Obama, Paris Hilton and Britney Spears might be the GOP's idea of star power, but when it comes to celebrity spam circulating the Internet, the trio has nothing on Angelina Jolie. The mother of six inspired an average 2.28% of the total daily email volume on the planet in July, the bulk of it using her name and the word naked in the subject line, according to the research labs at Secure Computing Corp., a San Jose, Calif., provider of enterprise gateway security. (The Angelina Jolie campaign contains a URL linked to an executable binary, mostly seen as msvideoc.exe hosted at multiple domains, the report explains.)

    Requires Free Membership to View

More on network security
Malware real threat to holiday shopping on company time

Web services transform security mind-set
Indeed, Jolie-inspired spam attacks far outstrip those generated by other top celebrities. According to data culled by Secure Computing labs, the actress's name is used fivefold more times (45%) in spam campaigns than Barack Obama's (9%), the distant second-place finisher followed closely by Hilton (7%), then Spears (about 4%).

The celebrity stats are, however, a sidelight in Secure Computing's Internet Threat Report published in mid-August, which provided a sober look at the top network traffic threats of second-quarter 2008 and predictions for the remainder of the year.

According to the report, spam grew an eyebrow-raising 280% during the second quarter of 2008, compared with the same period a year ago. The good news is that the volume is actually down 40% from the previous quarter, marking a low ebb for the year. Zombies are in retreat. Last summer, new Zombies spawned at a rate of 300,000 per day, while this summer's numbers are half that.

But companies should not be lulled by the decline, said Sven Krasser, director of data mining at Secure Computing's Trusted Source labs, who pointed to trends that indicate spam's inexorable upward trajectory. Every day, the crime families prowling the Internet for gain develop new vectors of attack.

"The general thing that we see are blended threats, something very prolific at this point," Krasser said. "The attacks blend email and Web threats or email messages that contain links and lures to make you click on the link."

Since many companies employ antivirus solutions at the email gateway, the criminal intent is to circumvent that by using a link to the malware. Without integrated and correlated protection between the two, a company's ability to stay ahead of these threats will become more difficult, Krasser said.

In addition to using movie stars like Jolie, tried-and-true pitches for male enhancement products and prescription drugs are popular enticements to click on links. Cybercriminals also increasingly prey on our need to know, luring people with promises of video on breaking news, such as an earthquake or political threat, the report found.

Swizzor, a fast-growing ad and spyware family, accounted for more than 30% of all new malware in the second-quarter period. The ZBot spyware family also grew significantly this quarter, introducing a twist that intrigued Krasser. "The malware tries to break into your home router and change the DNS so it can redirect you to any website when you start browsing," he said. "It makes use of your network infrastructure and turns it against you." With the backdoor assault on infected computers, attackers gain full control of the compromised systems, which then can be used for distributed denial-of-service attacks or SPAM relaying.

Made in America, misplaced priorities

Other findings? The U.S. leads the world in spam, spewing some 16.6% of the world's volume. The figure is nearly three times that of the second-place contaminator, Russia (6.7%). Sex sells (duh) more than ever. The average number of porn sites appearing daily was 45% higher in the second quarter than in the first three months of this year, a trend partly attributable, says Secure Computing, to the increase in pornographic content on social networking sites and discussion boards. Plus, when it comes to spam, the word exotic is hardly a euphemism: 50% of all websites are now published in languages other than English, so those bad links to malware appear in many tongues.

"The attacks blend email and Web threats, or email messages that contain links and lures to make you click on the link."
Sven Krasser
director of data miningSecure Computing's Trusted Source labs
In a report published July 31, analyst Simon Yates at Forrester Research Inc. in Cambridge, Mass., took a contrarian view, scolding security managers for fixating on malware when they should be focusing on data protection. A Forrester survey of more than 1,000 security managers showed they continue to list viruses, worms and spyware as their top security threats, despite a decrease in the prevalence of malware. And in a sense, the attention is good. "Since security directors consider malicious code a significant threat, it's no surprise that nearly 50% of enterprises have already adopted personal firewalls and patch management," he wrote. But data protection measures are woefully underadopted, and that needs to change, he urged.

Yates recommended that security operations managers start to rectify that protection gap by building a case for full disk encryption; looking into information leak protection tools; and keeping the traditional security toolbox refreshed and up to date.

Postscript

Oh, and the celebrity spam stuff? Hillary Clinton shows up in sixth place, right after Jessica Simpson and about even with President George W. Bush. As for Jolie paramour Brad Pitt, the handsome papa did make the top 10 list. Email using his name accounts for about 2% of celebrity spam, on par with Osama bin Laden and Michael Jackson.

Let us know what you think about the story; email: Linda Tucci, Senior News Writer


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: