Internet Threats
Trend Report


July 2012
July 2012 Threat Report


         The following is a condensed version
             of the July 2012 Commtouch
            Internet Threats Trend Report

    You can download the complete report at
     http://www.commtouch.com/threat-report-july-2012




Copyright© 2012 Commtouch Software Ltd. Recurrent Pattern Detection, RPD, Zero-Hour and GlobalView
are trademarks, and Commtouch, Authentium, Command Antivirus and Command Anti-malware are
registered trademarks, of Commtouch. U.S. Patent No. 6,330,590 is owned by Commtouch.
Key Security Highlights
Trends in Q2 2012…




  Malware Trends
Q2 Malware Trends
    Blended attacks mix brands and malware
The attacks all included similar characteristics:
• Well-crafted emails matching those of known companies which were sent
    out in large volumes.
• The emails included links to multiple compromised websites which then
    redirected to the malware hosting websites.
• The compromised websites were often based on the WordPress content
    management system.
• The malware itself was mostly hosted on various .ru domains.
• The malware pages showed simple messages such as “Please Wait –
    Loading” (black text on white).
• The same Flash and Adobe Reader exploits were used in most of the
    malware.
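
The characteristics listed above can be combined into a triage heuristic for web-proxy logs. This is an added example, not part of the Commtouch report: the record fields, the threshold, the WordPress path markers and the example.* hosts are constructed assumptions, and it assumes the proxy records each redirect target.

```python
from urllib.parse import urlsplit

# Constructed proxy records (not data from the report): requested URL, status,
# redirect target if any, and the visible text of the response body.
SAMPLE_LOG = [
    {"url": "http://blog.example.org/wp-content/uploads/a.html", "status": 302,
     "location": "http://shop.example.net/wp-includes/js/r.php", "text": ""},
    {"url": "http://shop.example.net/wp-includes/js/r.php", "status": 302,
     "location": "http://landing.example.ru/index.html", "text": ""},
    {"url": "http://landing.example.ru/index.html", "status": 200,
     "location": None, "text": "Please Wait - Loading"},
    {"url": "http://news.example.com/story", "status": 301,
     "location": "https://news.example.com/story", "text": ""},
    {"url": "https://news.example.com/story", "status": 200,
     "location": None, "text": "Quarterly results were announced today in a long article ..."},
]

WP_MARKERS = ("/wp-content/", "/wp-includes/", "/wp-admin/")  # assumed markers
REDIRECT_CODES = {301, 302, 303, 307, 308}


def build_chain(start_url, records, max_hops=10):
    """Follow redirect targets from start_url; stops on loops or max_hops."""
    by_url = {r["url"]: r for r in records}
    chain, seen, url = [], set(), start_url
    while url in by_url and url not in seen and len(chain) < max_hops:
        seen.add(url)
        rec = by_url[url]
        chain.append(rec)
        if rec["status"] in REDIRECT_CODES and rec["location"]:
            url = rec["location"]
        else:
            break
    return chain


def score_chain(chain):
    """Return the list of report characteristics that the chain matches."""
    reasons = []
    if len(chain) < 2:
        return reasons
    hosts = [(urlsplit(r["url"]).hostname or "").lower() for r in chain]
    if len(set(hosts)) >= 3:
        reasons.append("redirect chain crosses multiple sites")
    if any(m in urlsplit(r["url"]).path for r in chain[:-1] for m in WP_MARKERS):
        reasons.append("redirecting hop served from a WordPress path")
    if hosts[-1].endswith(".ru") and hosts[-1] != hosts[0]:
        reasons.append("landing page on a .ru host")
    text = chain[-1]["text"].strip().lower()
    if len(text) < 60 and "please wait" in text:
        reasons.append("near-empty 'Please Wait' landing page")
    return reasons


def triage(records, threshold=3):
    """Score every chain that starts at a URL no other record redirects to."""
    targets = {r["location"] for r in records if r["location"]}
    hits = {}
    for rec in records:
        if rec["url"] in targets:
            continue
        reasons = score_chain(build_chain(rec["url"], records))
        if len(reasons) >= threshold:
            hits[rec["url"]] = reasons
    return hits


if __name__ == "__main__":
    for start, why in triage(SAMPLE_LOG).items():
        print(start, "->", "; ".join(why))
```

No single characteristic is suspicious on its own, so the threshold requires several to coincide before a chain is flagged.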
Q2 Malware Trends
    Movie ticket hoax hides malware on Dropbox
•   Email offers free movie tickets
•   Clicking on the links leads to several redirects and scripts
•   Download of file “entrada_cine.zip” from the following link:
    • https://dl.dropbox.com/u/689--025/bts/entrada_cine.zip
Q2 Malware Trends
    Email-attached malware
•   Increase over Q1 levels
•   Sample attacks:
    • DHL tracking
    • “why did you put this photo online”
Q2 Malware Trends
 Top 10 Malware of Q2 2012


Rank   Malware name                       Rank   Malware name
 1     W32/RLPacked.A.gen!Eldorado         6     W32/Sality.gen2
 2     W32/InstallCore.A2.gen!Eldorado     7     W32/RAHack.A.gen!Eldorado
 3     W32/Sality.C.gen!Eldorado           8     W32/OnlineGames.FL.gen!Eldorado
 4     W32/HotBar.L.gen!Eldorado           9     W32/Vobfus.AD.gen!Eldorado
 5     W32/Heuristic-210!Eldorado         10     JS/Pdfka.EV.gen


                                                             Source: Commtouch
Trends in Q2 2012…




  Web Security
Q2 Compromised Websites
         Malware and spam campaigns used
          compromised sites extensively
• Sample LinkedIn email leads to simple notice while malware is
  downloaded
• Legitimate site continues to function normally




                                                             Source: Commtouch
Q2 Compromised Websites
    Website categories infected with malware
• Pornographic sites disappeared from the top 10 as many legitimate sites
  from different categories found themselves hacked and hosting malware




Rank   Category                  Rank   Category
 1     Education                  6     Sports
 2     Travel                     7     Leisure & Recreation
 3     Business                   8     Health & Medicine
 4     Entertainment              9     Fashion and beauty
 5     Restaurants and dining    10     Streaming media and downloads
                                                              Source: Commtouch
Q2 Compromised Websites
             Phishing campaigns also using
                  compromised sites
• Sample – Yahoo phishing uses compromised photography site from
  Romania
• Legitimate site continues to function normally




                                                         Source: Commtouch
Q2 Compromised Websites
    Website categories infected with phishing
• During the second quarter of 2012, Commtouch analyzed which categories
  of legitimate Web sites were most likely to be hiding phishing pages
  (usually without the knowledge of the site owner).
• Portals (offering free website hosting) remained at the highest position.



Rank   Category            Rank   Category
 1     Portals              6     Business
 2     Fashion & Beauty     7     Arts
 3     Sports               8     Streaming media and downloads
 4     Shopping             9     Computers and technology
 5     Education           10     Travel
                                                            Source: Commtouch
Trends in Q2 2012…




  Spam Trends
Q2 Spam Trends
Spammers invent “Facebook Social”

                      Links lead via
                      compromised sites to
                      pharmacy sites




                                     Source: Commtouch
Q2 Spam Trends
Phony MySpace, Facebook emails

                     Links lead to the
                     “wikipharmacy”




                                         Source: Commtouch
Q2 Spam Trends
                          Spam Levels
• Marginal decrease compared to previous quarter
• Average daily spam levels dropped to 91 billion spam and phishing
  emails/day

                        Spam levels – Jan to June 2012




                                                              Source: Commtouch
Q2 Spam Trends
                            Spam %
•   Spam averaged 76% of all emails in Q2



                  Spam % of all emails – Jan to June 2012




                                                            Source: Commtouch
Q2 Spam Trends
                 Spam cloud for Q2 2012
Subjects include:
• Pharmaceuticals (pills, pfizer)
• Replicas (Breitling, replica)
• Enhancers




                                           Source: Commtouch
Q2 Spam Trends
                     Spam Topics in Q2
• Pharmacy spam continued to increase, as it did last quarter, to nearly
  41% of all spam (~3% more than the previous quarter)
• Enhancer and diet-themed spam increased while replica spam dropped
  almost 8%




                                                     Source: Commtouch
Q2 Spam Trends
Top Faked (Spoofed) Spam Sending Domains*




                                    Source: Commtouch




                      * Domains used by spammers in the “from”
                        field of the spam emails.
Trends in Q2 2012…




  Zombie Trends
Q2 Zombie Trends
              Daily Turnover of Zombies in Q2
• Average turnover: 303,000 newly activated each day sending spam
  (increase from 270,000 in Q1 2012)



          Daily newly activated spam zombies: Jan to June 2012




                                                                    Source: Commtouch
Q2 Zombie Trends
       Worldwide Zombie Distribution in Q2




                                                      Source: Commtouch

• India again claimed top zombie producer title, moving above 20%
• Poland, Italy, and Indonesia dropped out of the top 15, replaced
  by Saudi Arabia, Romania, and more surprisingly, Germany –
  which has stayed well out of the top 15 for over one and a half
  years.
For more information contact:
      info@commtouch.com
    650 864 2000 (Americas)
 +972 9 863 6895 (International)

   Web: www.commtouch.com
Blog: http://blog.commtouch.com
