State of security: malicious sites, CryptoLocker copycats, email scams

AppRiver released its mid-year Global Security Report, a detailed analysis of web and email-borne threats and malware trends tracked between January and June 2014.

During the first half of 2014, the company screened more than 19 billion messages, nearly 18.9 billion of which were spam and another 636 million that contained malware.

Europe was once again the top point of origin for spam output followed by the US, which accounted for a larger percentage than usual.

Highlights from the report include:

Events—Some of the bigger stories surrounding email and web threats over past six months included CryptoLocker copycats such as CryptoWall and CryptoDefense, along with a massive spam campaign that was a classic “Pump and Dump” stock scam. “Early on, AppRiver predicted that in 2014 we’d begin seeing a slew of copycat malware based on the CryptoLocker franchise,” said Fred Touchette, Manager of Security Research at AppRiver. “This prediction came true almost immediately as we began seeing the likes of CryptoWall and CryptoDefense piggy backing on the success of CryptoLocker.”

Metrics—In addition to the familiar data regarding email spam and viruses, this report includes some baseline data about web-based threats through Q2 as detected by AppRiver’s web filtering solution (SecureSurf). In total, AppRiver recorded over 5.1 million unique locations added throughout the first six months of 2014.

The Cyber World—This section of the report discusses major cybercrime breaches and exploits. When encrypted eBay customer data was stolen, cyber criminals took advantage of the resulting headlines by sending spam messages that attempted to capitalize on the fears of eBay customers. Additionally, Gameover Zeus hit the scene. This new version of Zeus had been tweaked with new capabilities and was clearly being operated by a single group located in Russia and Ukraine.