Deprecated: Function create_function() is deprecated in /home/hidefide/public_html/blog/wp-content/plugins/wr-pagebuilder/core/core.php on line 127
{"id":326,"date":"2015-03-25T14:39:59","date_gmt":"2015-03-25T14:39:59","guid":{"rendered":"https:\/\/icaruspressblog.wordpress.com\/?p=326"},"modified":"2019-04-17T11:55:29","modified_gmt":"2019-04-17T11:55:29","slug":"ibm-x-force-report-spam-on-decline-dont-start-celebrating-just-yet","status":"publish","type":"post","link":"https:\/\/hidefideas.com\/blog\/2015\/03\/25\/ibm-x-force-report-spam-on-decline-dont-start-celebrating-just-yet\/","title":{"rendered":"IBM X-Force Report: Spam on Decline, Don’t Start Celebrating Just Yet"},"content":{"rendered":"

$\"7437$
\nAh, spring is in the air! You can tell, without need of a calendar, that old man winter has wheezed out his last stale breath of frigid air. The ground begins to thaw and grass, the guiltless victim of months of snow and ice, appears and begins to show signs of life. Birds sing sweetly, announcing the dawn of each new day like we\u2019ve all been victims of a cruel joke \u2013 inmates wrongfully accused, now subject to reprieve. That\u2019s all nice and fine, you might think, but what about the true<\/em> sign that spring is here? Worry not: perhaps the surest sign that spring is in the air is the day that IBM\u2019s security group, X-Force, publishes its annual report on the state of all things Internet security. That happened this week when the group published its 2011 Trend and Risk Report<\/a>, and as usual, it\u2019s a good read right from the Executive Overview.<\/p>\n

The report has a lot to offer this year, such as IBM X-Force officially dubbing 2011 the \u201cyear of the security breach\u201d to an unprecedented number of security breaches at certificate authorities. From a never before seen increase in Mac Malware to a three times increase in the number of Shell command injection attacks, 2011 was indeed a black year for anyone focused on keeping the Internet safe from malicious attackers. But what about spam?<\/p>\n

Spam on the Decline<\/strong><\/h2>\nAccording to X-Force, spam continues to see a decline, with overall spam numbers weighing in at their lowest volume since mid-2008. X-Force attributes this decline to the takedown of several high-value botnet targets, something we\u2019ve been saying all along, so there\u2019s nothing terribly shocking about X-Force\u2019s numbers. The report breaks down the year in spam into six phases, the first five dating from December, 2010 to August 22, 2011 and having been discussed in detail in IBM\u2019s X-Force 2011 Mid-Year Trend and Risk Report<\/a>. What\u2019s most revealing about the last quarter of 2011 are phases five and six. While there was definitely a decrease in the overall amount of spam, what\u2019s truly revealing is not the significant decrease in spam volumes, but rather the significant increase in the percentage of plain text and image spam.<\/p>\n
Plain text: there\u2019s nothing plain about it<\/strong><\/h2>\n
IBM X-Force notes the near continuous increase in plain text spam as being a very significant trend. \u201cIn previous years we have seen between five and 30 percent of spam written in simple plain text. This is the first time that we observed these high values\u2014sometimes more than 80 percent in phase five\u2014over a longer period of time.\u201d Plain text spam, the report notes, \u201cmakes it even harder for content-based spam detection because there is no fixed feature like a special kind of attachment or suspicious html code sequences that can be used to build patterns.\u201d<\/p>\n
Spammers are fans of Homer, and we don\u2019t mean Simpson<\/strong><\/h2>\nIf spammers can read \u2013 and the jury is still out<\/a> on that one \u2013 then they must love ancient Greek epics. Trojans are the attachment of choice for purveyors of spam, notes the X-Force report. \u201cIn the second half of 2011, we saw three spikes of emails with ZIP attachments between 18 and 43 percent, each measured on a daily basis. Trojans are the favorite type of malware attachment. More than 50 percent of ZIP attachments during the peak at the end of July contained the Trojan:Win32\/Fivfrom.gen!B.\u201d To entice users to open the attachments, the report notes, several variations on spam sent during phase 3 (March through May, just after the takedown of Rustock) were used, notably \u201c a message that the user\u2019s credit card will be charged for an amount over one-hundred USD and that the user can find the details in the attached file.\u201d<\/p>\n
Now you see me, now you don\u2019t<\/strong><\/h2>\n
Image spam was perhaps the most surprising development at the end of 2011. While earlier instances of image-based malware used the image to deliver the spam message (for example showing some pills or displaying a URL), the majority of the newer image spam is \u201clogos of legitimate organizations or companies,\u201d the report states. \u201cThe text of the email states something similar to: Your transaction failed, please click on the link to see the details\u201d or \u201cWe have received a complaint about your business, please click here.\u201d<\/p>\n
But wait! There\u2019s more!<\/strong><\/h2>\nThere\u2019s much more in this very interesting report, so surf on over to the IBM X-Force site<\/a> to check it out for yourself.<\/p>\n","protected":false},"excerpt":{"rendered":"
Ah, spring is in the air! You can tell, without need of a calendar, that old man winter has wheezed out his last stale breath… <\/p>\n","protected":false},"author":3,"featured_media":328,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13,14],"tags":[11,9,10,8,7],"class_list":["post-326","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","category-spam","tag-allspammedup","tag-bot","tag-botnet","tag-malware","tag-spam","jsn-master"],"_links":{"self":[{"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/posts\/326","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/comments?post=326"}],"version-history":[{"count":3,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/posts\/326\/revisions"}],"predecessor-version":[{"id":1814,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/posts\/326\/revisions\/1814"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/media\/328"}],"wp:attachment":[{"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/media?parent=326"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/categories?post=326"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/tags?post=326"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}