There is a growing trend to increasingly sophisticated blended attacks

Spammers exploit heightened interest in the economy and US election

Attackers are increasingly using legitimate sites to host their malware

Written by Ian Williams

vnunet.com, 27 Oct 2008

Phishing attacks targeting those concerned about the financial crisis and the impending US election are currently driving large volumes of spam, according to new research from Secure Computing.

In its latest quarterly Internet Threat Report, the company's research team found that along with financial phishing and election-themed attacks, "breaking news" and "delivery status notifications" topped the most common spam list.

According to the report, more than 5,000 zombie computers are currently being created every hour globally from malicious attacks, in turn driving up spam volumes. The US is leading the way in spam creation, having nearly doubled its share from 16.6 per cent in the second quarter to 32.1 per cent in the third.

The research highlights the growing trend toward blended attacks such as those where spammers will include links to infected web sites, rather than trying to deliver the infected payload as an attachment. It also points to the growing sophistication of attackers using legitimate sites to host their malware and infect visitors through attacks such as SQL injection.

Looking to the future, Secure Computing predicts that financial phishing will continue to rise over the coming months, and that online criminals will start to use the festive season to tout fraudulent holiday coupons and gift cards.

Furthermore, the report concluded that by the end of next year about half of all web-borne malware will be hosted on compromised legitimate web sites, as it becomes increasingly difficult for criminals to purchase malware-hosting services from companies that once looked the other way.

In order to help minimise the risk, the researchers recommended that both enterprises and consumers check that their software and patches are up-to-date, and that they implement a multi-layered approach to pre-emptively detect and block attacks. All users are also encouraged to employ common sense such as not opening suspicious emails or responding to unsolicited offers, which can drastically reduce the chance of a PC becoming infected with malware.