RealTime IT News

Virus-to-E-mail Ratio Grows Worse

E-mail security firm MessageLabs has detected a sharp increase in malicious viruses, spam and Web-based scams this year, warning that the technical sophistication of attacks is making it tougher to stay ahead of hackers.

MessageLabs, which provides e-mail filtering software to government and enterprise clients, said the problem of clogged in-boxes from spam has become so bad that the number of unsolicited mail will far exceed legitimate messages in the new year.

The company's end-of-year report on e-mail security said it found one virus in every 212 e-mails in 2002 (one virus every 3 seconds), a dramatic increase of the one virus per 380 e-mails last year. And MessageLabs expect the upward trend to continue. It recognized a whopping one in every 12 e-mails as unsolicited spam (one spam e-mail every half-second) and warned that tighter controls need to be implemented by vulnerable enterprises.

MessageLabs chief technology officer Mark Sunner took the e-mail security/anti-spam gospel to this week's Information Security Conference, leading a panel discussion on "Defense-in-Depth: Defining a Layered Security Architecture" where he was expected to outline specific responses to the troubling trends found in the company's year-end report.

"E-mail security must remain a high priority for every business in 2003. Email has become a gateway for billions of business transactions per year, yet most companies continue to leave their servers wide open to unknown threats," Sunner said in a statement, again warning that the sophistication of attacks from virus writers and spammers means "proactive protection is more crucial now than ever before."

MessageLabs, which boasts a client roster that includes Bank of New York, Fujitsu, Conde Nast and the British Government, said blended threats and trojans like the Klez worm are on the rise. The company said its filtering technology intercepted about five million copies of the Klez virus in 2002.

"Blended threats" are used to describe the combination of spam e-mails bearing malicious virus. MessageLabs said it also found a rise in Trojans aimed at specific companies or individuals this year and expect this trend to carry through next year.

"The virus-to-email ratio has grown worse during 2002, chiefly because a vast number of home users and small businesses do not keep their security up to date. Popular virus characteristics of the past year included spoofing the sender's e-mail address and deleting locally installed desktop AV software," MessageLabs warned.

In addition to the virile Klez virus, which first appeared and created havoc in April, MessageLabs said it trapped more than 237 new viruses in 2002 and expects this number to rise next year. "The Yaha virus was the second most prolific virus with close to two million copies intercepted since June," the company said, noting that the recent BugBear outbreak has also garnered significant numbers - over 800,000 since September.

In addition to viruses and spam, which continue to hit e-mail inboxes worldwide, MessageLabs warned that the Nigerian e-mail scam, which lures naive individuals into "get-rich-quick" schemes has showed no sign of abating.

Recently, Americans in particular seem to be falling victim to the scam. A recent report by the U.K.'s National Criminal Intelligence Service stated that up to five Americans per day have been witnessed waiting in London hotel lobbies to meet people connected with the scam," the company said, warning that if this trend continues, the Nigerian scam operations is projected to gross over two billion dollars in 2003.

Lately, MessageLabs said the "FriendGreeting" malicious spam, which features an applet that's used to trick users into downloading mass-mailing software, was high among the list of intercepted mail. "(We)intercepted over 70,000 copies to date, and expects to see not only additional greeting card scams in 2003, but stronger and smarter tricks as well," it warned.

The company predicted that software installed on end-user machines will send spam not only to people in the victim's address book, but also to any e-mail addresses the software can find in the Internet Explorer browser cache, again in a manner similar to techniques deployed by virus writers.