Cybercriminals are diversifying, according to a new report from MessageLabs. Their data indicates that threats are being transmitted through less-common methods such as “mobile text messaging, Web-based instant messaging, weblogs and social networking communities such as MySpace.com.”
Mark Sunner, the chief technology officer at MessageLabs, discussed the company’s findings. “The increased convergence of threats across email, web, and IM combined with the increased sophistication of techniques is an interesting new development,” he said.
“Today,” Sunner continued, “we see a growing number of emails and IMs containing links to websites where malware or spyware is automatically downloaded, as opposed to the traditional method where the message itself has a piece of malware attached. So, a harmless looking email can quickly become a web threat.”
MessageLabs claims that “the global ratio of spam in email traffic from new and unknown bad sources” increased 6.9 percent from May to June. The global spam rate, though, was “roughly flat compared to the previous quarter,” and “7.8 percent below the same period in 2005.”
Compared to that mixed bag, June’s “global ratio of viruses in email traffic from new and previously unknown bad sources destined for valid recipients” showed solid improvement. The ratio was down 0.5 percent, 0.7 percent, and 1.4 percent, as compared to the previous month, previous quarter, and same period of 2005, respectively.
The company detected a “quarter-on-quarter increase of 6.5 percent in the proportion of phishing attacks judged as a proportion of all email-borne threats,” however. Still, MessageLabs appears to be most concerned about the new methods cybercriminals are using.
These “new mediums . . . bypass email-based anti-spam measures and more effectively target recipients based on their age, location and other characteristics,” the report stated. While this isn’t a promising development, it’s good to be aware of it.