Barack Obama, Paris Hilton and Britney Spears might be the GOP's idea of star power, but when it comes to celebrity spam circulating the Internet, the trio has nothing on Angelina Jolie. The mother of six inspired an average 2.28% of the total daily email volume on the planet in July, the bulk of it using her name and the word naked in the subject line, according to the research labs at Secure Computing Corp., a San Jose, Calif., provider...
of enterprise gateway security. (The Angelina Jolie campaign contains a URL linked to an executable binary, mostly seen as msvideoc.exe hosted at multiple domains, the report explains.)
The celebrity stats are, however, a sidelight in Secure Computing's Internet Threat Report published in mid-August, which provided a sober look at the top network traffic threats of second-quarter 2008 and predictions for the remainder of the year.
According to the report, spam grew an eyebrow-raising 280% during the second quarter of 2008, compared with the same period a year ago. The good news is that the volume is actually down 40% from the previous quarter, marking a low ebb for the year. Zombies are in retreat. Last summer, new Zombies spawned at a rate of 300,000 per day, while this summer's numbers are half that.
But companies should not be lulled by the decline, said Sven Krasser, director of data mining at Secure Computing's Trusted Source labs, who pointed to trends that indicate spam's inexorable upward trajectory. Every day, the crime families prowling the Internet for gain develop new vectors of attack.
"The general thing that we see are blended threats, something very prolific at this point," Krasser said. "The attacks blend email and Web threats or email messages that contain links and lures to make you click on the link."
Since many companies employ antivirus solutions at the email gateway, the criminal intent is to circumvent that by using a link to the malware. Without integrated and correlated protection between the two, a company's ability to stay ahead of these threats will become more difficult, Krasser said.
In addition to using movie stars like Jolie, tried-and-true pitches for male enhancement products and prescription drugs are popular enticements to click on links. Cybercriminals also increasingly prey on our need to know, luring people with promises of video on breaking news, such as an earthquake or political threat, the report found.
Swizzor, a fast-growing ad and spyware family, accounted for more than 30% of all new malware in the second-quarter period. The ZBot spyware family also grew significantly this quarter, introducing a twist that intrigued Krasser. "The malware tries to break into your home router and change the DNS so it can redirect you to any website when you start browsing," he said. "It makes use of your network infrastructure and turns it against you." With the backdoor assault on infected computers, attackers gain full control of the compromised systems, which then can be used for distributed denial-of-service attacks or SPAM relaying.
Made in America, misplaced priorities
Other findings? The U.S. leads the world in spam, spewing some 16.6% of the world's volume. The figure is nearly three times that of the second-place contaminator, Russia (6.7%). Sex sells (duh) more than ever. The average number of porn sites appearing daily was 45% higher in the second quarter than in the first three months of this year, a trend partly attributable, says Secure Computing, to the increase in pornographic content on social networking sites and discussion boards. Plus, when it comes to spam, the word exotic is hardly a euphemism: 50% of all websites are now published in languages other than English, so those bad links to malware appear in many tongues.
Yates recommended that security operations managers start to rectify that protection gap by building a case for full disk encryption; looking into information leak protection tools; and keeping the traditional security toolbox refreshed and up to date.
Oh, and the celebrity spam stuff? Hillary Clinton shows up in sixth place, right after Jessica Simpson and about even with President George W. Bush. As for Jolie paramour Brad Pitt, the handsome papa did make the top 10 list. Email using his name accounts for about 2% of celebrity spam, on par with Osama bin Laden and Michael Jackson.
Let us know what you think about the story; email: Linda Tucci, Senior News Writer