Spam Attack Update
Spam volumes set an all-time high in June,
when volumes grew 51% since January 2007. In July, spam volumes dropped
slightly. However, over 91% of all incoming email remains junk messages.
Spammers are launching these massive attacks through the use of botnets
networks of compromised computers infected by hackers. We also observed a
significant jump in our blocking of messages with attached PDF and Excel files
containing the spam "pitch." This is the result of a new tactic, in which
spammers embed spam content in legitimate file types, such as .zip files and
Excel files. Image spam decreased from about 35% to about 25% of all junk
messages. In terms of the total amount of spam, the use of PDF and Excel files
has somewhat offset the decrease in image spam.
Virus Threat Update
July was the most active month for virus
attacks in over two years. During a major attack from July 2-9, spam filters
tracked and blocked over 523 million virus-infected messages for customers. The
volume of virus-infected messages was over three times larger than any attack
over the past two years. On July 16th, a new attack began that was still
underway at the time of this report. Over two billion virus-infected messages
have been sent during the course of this attack, making it over 14 times larger
than any attack in the past two years. These virus attacks are mutations of the
"Storm" malware code family, which harvests computers into botnets. The
"blended-attack" messages contain URLs to hacked websites that deliver the
malware to the target computer. If a user clicks the link, this can secretly
install a generic software downloader that allows hackers to download more
malware to the user's system. We see the hacker/spammer community rapidly
evolving and specializing in delivering virus threats through email; botnets
have become a commoditized resource that is available for rent. Botnets send
virus-infected messages, which in turn harvest more computers into the spammer
network. Botnets are largely responsible for constantly increasing spam
volumes, image spam, and now PDF spam.