In a bi-annual security analysis, spam messages are down, but no one should start breathing any easier.
The Microsoft Security Intelligence Report focused on the first half of 2011 to bring to the surface the dangers often lurking right in front of you as you’re going about your daily business on your computers.
The 168-page tome is bursting with more insights than we could fit in a blog post, but Ars Technica’s take-away intrigued us, too:
In July 2010, 89.2 billion spam messages were blocked by Microsoft’s Forefront Online Protection for Exchange service, which is used by thousands of enterprise customers. By June 2011, that monthly total was down to 25 billion.
The report attributes the dramatic downshift to “takedowns of two major botnets: Cutwail, which was shut down in August 2010 , and Rustock, which was shut down in March 2011 following a period of dormancy that began in January. The magnitude of this decrease suggests that coordinated takedown efforts such as the ones directed at Cutwail and Rustock can have a positive effect on improving the health of the email ecosystem.”
While overall it seems like measures like these are working, this is no time to yield vigilance. Taking the pre-emptive step of regularly installing security updates “is one of the most fundamental steps that IT departments and individual users can take to reduce their risk from malicious software.”
The report found that phishers, which traditionally have targeted financial sites, have now turned their sights on social networks, where they “can effectively target many more people per site. Still, the potential for direct illicitaccess to victims’ bank accounts means that financial institutions remain perennially popular phishing targets, and they continue to receive the largest or second-largest number of impressions each month.”
Nearly 30 percent are run of the mill advertisements for everyday household and medicine cabinet supplies — the complete opposite of bringing sexy back. In fact, sexually explicit email only makes up just about five percent of potentially damaging spam messages that were blocked by filters.
Consistent with previous reports, “nonsexual pharmaceutical products” and “nonpharmaceutical product advertisements” together account for the majority of spam messages (28 percent and 17.2, respectively). The third biggest category was the “419” advance-fee loan scams (13.2 percent). These emails were blocked using Microsoft’s Forefront Online Protection for Exchange (FOPE), which “scans billions of email messages every year to identify and block spam and malware.”
If you want to see what else wants to infiltrate your email, see the pie chart above, which breaks down the kinds of messages that want to grab your attention — as well as your money and your identity.