Symantec: spam, phishing grow, botnets shrink in '04

A new report released by security company Symantec found incidents of online identity theft scams, also known as "phishing attacks", skyrocketed in the second half of 2004, as did spam and new software vulnerabilities. But other Internet blights, such as zombie networks of compromised computers, or "bots", actually declined.

The number of phishing -mail messages intercepted by Symantec grew 300 per cent since June 2004, while spam email traffic intercepted by Symantec increased by 77 per cent and reports of serious software vulnerabilities grew by 13 per cent, according to the Symantec Internet Security Threat Report. Online fraud might be driving many of the trends, as attackers turn to strategies that were useful for identity theft and other online scams, senior director of engineering at Symantec Security Response, Alfred Huger, said.

The Symantec Internet Security Threat Report is a semi-annual report that brings together data from Symantec's global DeepSight network, customer networks and networks of decoy servers and e-mail accounts that the company maintains.

Symantec anti-fraud filters blocked 33 million phishing email messages each week by the end of the year, compared with just 9 million a week in mid-July.

The problem was not likely to abate, as online criminals got more sophisticated about spoofing legitimate email traffic, the report said.

Phishing scams use spam to direct Internet users to websites that are controlled by thieves, but designed to look like legitimate e-commerce sites. Users are asked to provide sensitive information such as a password, bank account information or a credit card number, often under the guise of updating an account.

The growth was part of a larger trend in fraud-related email, Huger said.

"We're seeing a financial motive behind the creation of malware," he said.

In all, Symantec noted a 64 per cent increase in all types of malicious software, including viruses and Trojan horse programs in the period covered by the report, a number that excluded both spyware and adware, Huger said.

One exception to that trend was PCs belonging to zombie "bot" networks. After surging in the first half of the year, the number of computers in bot networks (or botnets) decreased, from more than 30,000 bot systems scanning the Internet each day in July to fewer than 5000 a day by the end of the year, Symantec said.

Symantec did not cite a reason for the reduction, but said that action to shut down bot activity by large, international Internet service providers and the release of Microsoft's Windows XP Service Pack 2 update could account for the decline.

However, other explanations were possible, including a shift away from huge and persistent botnets, towards smaller networks that stayed online for shorter periods, Symantec said.

Behind the scenes, there is still plenty of interest in bot software. The number of new variants for bot software increased dramatically in the period covered by the study.

For example, Symantec collected 4288 unique variants of Spybot, a family of bot software, in the second half of the year - around 23 new variants of the software every day, Huger said.

"That's the biggest leap we've ever seen, and it tells us that people are iterating the code to make it more successful, and also that there are more people in the game of writing [bot] variants," he said.

Bots and bot networks that are used in attacks for financial gain would continue to be a problem in the next six months, Symantec said. The company also predicted that worms and viruses that target vulnerabilities on software clients would become a bigger problem, and that attacks on mobile device platforms and the heretofore ignored Apple's Mac operating system.

A growing number of software vulnerabilities were also fueling the rise in malicious code, Huger said.

Symantec documented more than 1403 new vulnerabilities between July 1, 2004 and December 31, 2004, an average of 54 vulnerabilities per week, compared with 48 per week in the first half of the year, Symantec said.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?