Latest M86 Security Labs Report Details Surge in Malicious Spam and Rise in Social Engineering Attacks

M86 Security Researchers Identify Attacks Leveraging Shortened URLs Such as Those Popularized by Twitter as They Observe an Escalation in Cyber Criminal Activities


ORANGE, CA--(Marketwire - February 16, 2010) - M86 Security, a global provider of Web and messaging security products, today unveiled its latest Security Labs Report, detailing a massive increase in spam volumes and recent vulnerabilities in applications including Adobe products and attacks via social networking sites such as Twitter.

M86 security researchers analyze more than seven million distinct email messages every day looking for patterns and emerging trends. By correlating this data with Web exploit and vulnerability research, M86 achieves a comprehensive vantage point on evolving Internet threats and publishes a bi-annual report with these findings. The latest report is based on the second half of 2009.

The Report highlights a surge in attacks through social networking sites such as Twitter because of the increased use of shortened URLs. Shortened URLs have become a favorite tool of attackers because not only do they make it easier to obscure malicious links, but they also exploit end users' trust through social engineering. The majority of malicious links observed by the M86 team on services such as Twitter and Facebook abuse shortened URLs and similar malicious links have also been observed in spam messages.

Zero-Day application vulnerabilities such as those within the Internet Explorer and Adobe products are becoming just as prevalent as those seen in the operating systems themselves as hackers take advantage of such application vulnerabilities. Recent examples from the Security Labs Report include an increase in the use of malicious PDF files targeting Adobe products.

Spam remains a significant threat to businesses and government organizations: not only does spam consume valuable network resources; it remains a popular conduit for the distribution of malware, phishing and other scams by cyber criminals. The new Security Labs Report notes that the volume of malicious spam has dramatically increased; reaching three billion messages per day, compared to 600 million messages per day in the first half of 2009.

The vast majority of spam is sent via Botnets of infected computers. These networks of compromised computers, sometimes known as zombies, are revenue-generating businesses for organized, professional criminals. The M86 Security Labs Report names the major spam Botnets and reveals that 78 percent of all spam during the last six months of 2009 originates from just five of the Botnets.

"It is important to identify the major contributors to the volume of spam so that the industry can take action against them, and our latest Security Labs Report provides a detailed percentage of spam by Botnet origin," said Bradley Anstis, VP Technical Strategy, M86 Security. "At the same time, M86 wants to help security professionals remain vigilant in their own organizations against the increasing exploitation of trust on social networking sites. Users are more likely to click on links shared with them by senders they believe are their friends. To combat this, we suggest using browser extensions that display shortened URLs in their full form and take a range of other precautions outlined in our latest Security Labs Report."

To download the complete version of the latest M86 Security Labs Report, please go to http://www.m86security.com/labs/resources.asp

M86 Security at RSA®

The M86 Security team will be available for questions at the RSA Conference, Booth 1151 at the Moscone Center, San Francisco, CA, March 1-5, 2010.

About M86 Security Labs

M86 Security Labs is a group of security analysts specializing in Email and Web threats, from spam to malware. The M86 team continuously monitors and responds to Internet security threats. The primary purpose of the Security Labs is to provide a service to M86 customers as part of standard product maintenance and support. This service includes updates to M86's unique, proprietary anti-spam technology, SpamCensor and Web threat and vulnerability updates to the M86 Secure Web Gateway products that are able to pro-actively detect and block new and emerging exploits and threats and the malware they serve.

Data and analysis from M86 Security Labs is continuously updated and always accessible online at http://www.m86security.com/labs and on Twitter at http://twitter.com/m86labs

About M86 Security

M86 Security is a global provider of Web and messaging security solutions and the industry's largest vendor of Web security appliances. The company delivers comprehensive protection to more than 21,000 customers and over 16 million users worldwide and has the expertise, product breadth and technology to protect organizations from both current and emerging threats. M86's appliance, software and cloud-based solutions leverage real-time threat data to proactively secure customers' networks from malware and spam; protect their sensitive information; and maintain employee productivity. The company is based in Orange, California with international headquarters in London and offices worldwide. For more information about M86 Security, please visit http://www.m86security.com.

© M86 Security 2010

Contact Information: Media Contact: USA Activa PR Jan Wiedrick-Kozlowski 585.392.7878