While you are destroying your mind watching the worthless, brain-rotting drivel on TV, we on the Internet are exchanging, freely and openly, the most uninhibited, intimate and, yes, shocking details about our config.sys settings. ~Dave Barry
Did you know that spam accounts for 81.7% of all the world’s email traffic?
Each day new websites are launched with malware and spyware. The daily number of new websites hosting malware peaked in November at 5,424. Did you catch that? 5000+ brand new sites, loaded up with spyware, daily!
Jason Lee Miller from Security Pro News wrote a nice piece describing the top cybercrimes this year.
1. Storm worm: The most aggressively spread malware in 2008, this nasty bugger enabled one of the largest botnets in history, infecting an estimated 2 million computers worldwide.
2. Search spam: Early in 2008, spammers discovered the search engine redirect, which allowed them to include a search query link within an email message. The link led to a forged website, but the redirect method allowed spammers to bypass spam filters by never having to mention which site the link led to.
3. CAPTCHA breaks: In February, hackers managed for the first time to break webmail CAPTCHAs, mechanisms designed to tell humans and computers apart online. Once they were able to break these codes, Gmail and other web-based email spam hit the world wide web in force.
4. Targeted Trojans: New versions of old tricks, targeted Trojans evaded Anti-virus using code variations, often to spoof legitimate websites and organizations. Since January, targeted Trojan attacks have increased to about 80 per day.
5. Web-base malware: SQL injections via HTML tags were all the rage by July, when the number of new, malicious websites blocked each day rose 91 percent.
6. Hosted applications spam: Getting adept at looking legit, spammers made use of linking to hosted online documents created under accounts with major hosted app providers, which are not blocked by filters.
7. Srizbi: Infecting an estimated 1.3 million computers last year, Srizbi was the culprit behind about half of all spam in 2008. The Reactor Mailer spamware, the bank spoofs? All thanks to the Srizbi botnet.
8. Ospama: All Barack Obama spam didn’t originate from David Plouffe’s desk. The 2008 election year attracted watch-selling spam clusters addressed from barackobamaismyhomeboy.com and barackobamaisyournewbicycle.com, tow popular pro-Obama websites spoofed in the name of
sleezy marketing tactics. 85 percent of election-related spam used Obama as a subject line, perhaps making spam the best bellwether of them all.
9. Credit crisis phishing scams: When people started to worry about their nest eggs, phishers got busy trying to con them. Phishing attacks spoofing banks suddenly spiked in September and October by 103 percent.
Summary: Like a big city, the web still has quite a few dark alleys that people try to avoid. The hackers are out there in full force. They will attack whenever and wherever they find a weakness. They even have a sense of humor! Ospama? C’mon, that is a little funny… IT departments need to look out for this and take security seriously, even if the subject lines of the offending emails are amusing.