Cybercriminals increase effectiveness with multi-stage attacks

Cybercriminals have been increasing the effectiveness of their individual outreach by creating multi-stage, also known as blended, attacks, which combine messaging and Web elements.

They use email or search engine results to lure victims to sites hosting spam advertising, malware, or phishing. A new Commtouch report analyzes the many methods fraudsters, malware distributors and spammers use to inspire their victims to action, such as leveraging trusted brands like Apple and Google; holidays, or current events, for example, the Football World Cup.

During Q2, Gmail and Yahoo kept the top spots as far as spoofed domains for email distribution, but they have been joined in the top six by Twitter. The Twitter domain was faked in a widespread mailing designed to lure users to a “password reset” Web page that contained malware.

Other highlights from the Commtouch report include:

  • Spam levels averaged 82% of all email traffic throughout the quarter, bottoming out at 71% at the start of May and peaking at nearly 92% near the end of June. These numbers are slightly lower than those detected in Q1 and equate to an average of 179 billion spam messages per day.
  • Pharmacy spam retained the top spot with 64 percent of all spam.
  • An average of 307,000 zombies were activated daily to inflict malicious activity, representing a slight increase over the prior quarter.
  • India has surpassed Brazil for the title of the country with the most zombies (13 percent of the world’s total).
  • TDSS.17 was the most widely distributed email-borne virus, but the Mal/Bredo malware had the most variants – over 1800 (more than double the variants of Q1).
  • Pornography remains the Web site category most infected with malware.
  • In the Web 2.0 sphere of user-generated content, streaming media/downloads is the most popular topic for blog creators.