Symantec: spam, phishing grow, botnets shrink in '04

A new report released by security company Symantec found incidents of online identity theft scams, also known as "phishing attacks", skyrocketed in the second half of 2004, as did spam and new software vulnerabilities. But other Internet blights, such as zombie networks of compromised computers, or "bots", actually declined.

The number of phishing -mail messages intercepted by Symantec grew 300 per cent since June 2004, while spam email traffic intercepted by Symantec increased by 77 per cent and reports of serious software vulnerabilities grew by 13 per cent, according to the Symantec Internet Security Threat Report. Online fraud might be driving many of the trends, as attackers turn to strategies that were useful for identity theft and other online scams, senior director of engineering at Symantec Security Response, Alfred Huger, said.

The Symantec Internet Security Threat Report is a semi-annual report that brings together data from Symantec's global DeepSight network, customer networks and networks of decoy servers and e-mail accounts that the company maintains.

Symantec anti-fraud filters blocked 33 million phishing email messages each week by the end of the year, compared with just 9 million a week in mid-July.

The problem was not likely to abate, as online criminals got more sophisticated about spoofing legitimate email traffic, the report said.

Phishing scams use spam to direct Internet users to websites that are controlled by thieves, but designed to look like legitimate e-commerce sites. Users are asked to provide sensitive information such as a password, bank account information or a credit card number, often under the guise of updating an account.

The growth was part of a larger trend in fraud-related email, Huger said.

"We're seeing a financial motive behind the creation of malware," he said.

In all, Symantec noted a 64 per cent increase in all types of malicious software, including viruses and Trojan horse programs in the period covered by the report, a number that excluded both spyware and adware, Huger said.

One exception to that trend was PCs belonging to zombie "bot" networks. After surging in the first half of the year, the number of computers in bot networks (or botnets) decreased, from more than 30,000 bot systems scanning the Internet each day in July to fewer than 5000 a day by the end of the year, Symantec said.

Symantec did not cite a reason for the reduction, but said that action to shut down bot activity by large, international Internet service providers and the release of Microsoft's Windows XP Service Pack 2 update could account for the decline.

However, other explanations were possible, including a shift away from huge and persistent botnets, towards smaller networks that stayed online for shorter periods, Symantec said.

Behind the scenes, there is still plenty of interest in bot software. The number of new variants for bot software increased dramatically in the period covered by the study.

For example, Symantec collected 4288 unique variants of Spybot, a family of bot software, in the second half of the year - around 23 new variants of the software every day, Huger said.

"That's the biggest leap we've ever seen, and it tells us that people are iterating the code to make it more successful, and also that there are more people in the game of writing [bot] variants," he said.

Bots and bot networks that are used in attacks for financial gain would continue to be a problem in the next six months, Symantec said. The company also predicted that worms and viruses that target vulnerabilities on software clients would become a bigger problem, and that attacks on mobile device platforms and the heretofore ignored Apple's Mac operating system.

A growing number of software vulnerabilities were also fueling the rise in malicious code, Huger said.

Symantec documented more than 1403 new vulnerabilities between July 1, 2004 and December 31, 2004, an average of 54 vulnerabilities per week, compared with 48 per week in the first half of the year, Symantec said.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?