Unfortunately, there's no end in sight. Despite the shutdown of two U.S.-based botnet hosting outfits that contributed to a significant decrease in active botnet activity during September and November 2008, botnet operators found alternate Web hosting sites and botnet infections quickly rose to pre-shutdown levels and resumed mass spamming.

Indeed, a well-organized underground economy specializing in the sale of confidential data continues to create malware aimed at stealing sensitive information.

Over the past year, Symantec observed a 192 percent increase in spam across the Internet, from 119.6 billion messages in 2007 to 349.6 billion in 2008. In 2008, bot networks were responsible for the distribution of approximately 90 percent of all spam. Again, there's no end in sight.

"As malicious code continues to grow at a record pace, we're also seeing that attackers have shifted away from mass distribution of a few threats to micro-distribution of millions of distinct threats," said Stephen Trilling, vice president of Symantec Security Technology and Response. "Cybercriminals are profiting from creating and distributing customized threats that steal confidential information, particularly bank-account credentials and credit-card data. While the aboveground economy suffers, the underground economy has remained consistently steady."

Antivirus Software Not Enough

Although corporations and antivirus firms have published security best practices that could help mitigate the risk, many users are ignoring them. A survey from the Messaging Anti-Abuse Working Group reports 12 percent of respondents admit to replying to a spam message or clicking a link in a spam message because they were interested in a product or service the message promoted.

At the same time, antivirus solutions alone aren't enough to protect the inbox anymore. The Commtouch Q2 2009 Internet Threat Trend Report noted a spike in the number of e-mail viruses that got through major antivirus engines between late May and June. And spam e-mail rose 21 percent in June alone, Symantec reported.

"For the last year and a half, antivirus engines effectively blocked many virus variants with generic signatures," said Amir Lev, CTO of Commtouch, a Web and messaging security technology firm that services the likes of F-Secure, 3Com and Panda Security. "In the second quarter, however, malware distributors introduced large quantities of new variants which are immune to these generic signatures, therefore causing sharp increases in undetected malware samples that were blocked by Commtouch." (continued...)

1  |  2  |  3  |  Next Page >