Personalized spam rising sharply, study finds
Date: December 18, 2008Source: google.com
A new study by Cisco Systems Inc. found an alarming increase in the amount of personalized spam, which online identity thieves create using stolen lists of e-mail addresses or other poached data about their victims, such as where they went to school or which bank they use.
Unlike traditional spam, most of which is blocked by e-mail filters, personalized spam, known as "spear phishing" messages, often sail through unmolested. They're sent in smaller chunks, and often come from accounts the criminals have set up at reputable Web-based e-mail services. Some of the messages are expertly crafted, linking to beautifully designed Web sites that are bogus or immediately install malicious programs.
Cisco's annual security study found that spam is growing quickly — nearly 200 billion spam messages are now sent each day, double the volume in 2007 — and that targeted attacks are also rising sharply.
More than 0.4 percent of all spam sent in September were targeted attacks, Cisco found. That might sound low, but since 90 percent of all e-mails sent worldwide are spam, this means 800 million messages a day are attempts are spear phishing. A year ago, targeted attacks with personalized messages were less than 0.1 percent of all spam.
The latest attacks include text-message spam, e-mails trying to trick business owners into coughing up credentials for their Google advertising accounts, or personalized "whaling" e-mails to executives claiming that their businesses are under investigation by the FBI or that there's a problem with their personal bank account.
Original article
Add comment
Email to a Friend
