"As predicted at the start of the year, e-mail security attacks remain unabated in their persistence and ferocity," Mark Sunner, MessageLabs' chief technology officer, said in a statement. "The major development of the year has undoubtedly been the emergence of phishing. In just 12 months it has established itself as a threat to any organization conducting e-commerce. We believe that the targeting of certain companies characteristic of phishing attacks could signal the beginning of a wider trend. Already, businesses are being threatened and blackmailed, which could indicate a shift from random, scattergun approaches to customized attacks designed to take advantage of the perceived weaknesses of some businesses."
In September 2003, MessageLabs intercepted 279 phishing e-mails containing a URL to a fraudulent Web site. That figure had mushroomed to more than two million by September 2004. Over the course of the year, MessageLabs said it intercepted more than 18 million phishing e-mails.
"The perpetrators of phishing attacks have also developed new techniques to increase their chances of success," the report said. "Recently, phishing e-mails have been designed to capture online banking details automatically when a user opens the e-mail, rather than when the user clicks on URL links within messages. Phishers have also attempted to dupe unsuspecting users into becoming middlemen for money laundering operations."
The report said the average percentage of e-mail identified as spam in 2004 was 73%. In 2003, the average was 40%.
The firm also observed a disturbing rise in tailored malicious activity, from blackmailing online gaming sites with denial-of-service attacks to threats to send out child pornography in the name of a particular organization.
"Recent evidence also suggests that Trojans and other malicious code have been developed during 2004 specifically to compromise particular organizations, a trend that MessageLabs expects to continue in 2005," the report said. "As well as the threat from targeted fraud, MessageLabs sees that other top-of-mind issues facing IT departments and executives is regulatory compliance. Laws related to financial reporting and disclosure require companies to have policies for monitoring, securing, reporting and archiving all business transactions, including e-mail and instant messaging correspondence."
In another annual report, this one released this week by Russia-based antivirus provider Kaspersky Lab, 2004 saw a move away from sending malicious code as e-mail attachments in favor of embedded links in the actual messages to help malware spread. "So far, e-mails containing links have not been treated with suspicion by recipients, many of whom are much more likely to follow a link than they are to double-click an attachment. In addition, this method effectively 'skips over' the perimeter defenses deployed at the Internet gateway by many enterprises," said David Emm, the Lab's senior technology consultant in a news release.
The Malware Development Review also notes that much of today's malware includes more Trojan horses that, because they do not replicate in a system, are viewed as less harmful by users. That's a mistaken perception, Emm warned. "Not only are they becoming more sophisticated, they are also being put to an increasing number of malicious uses." Those uses include stealing confidential data, launching distributed denial of service attacks and using compromised machines as spam relays.
