New York and London – September 3, 2008 - MessageLabs, the leading provider of messaging and web security services to businesses worldwide, today announced the results of its MessageLabs Intelligence Report for August 2008. Analysis highlights that Picasa Web Albums is the latest of Google’s hosted services to be exploited by spammers while Adobe Flash redirection techniques are also being abused by spammers to host Flash-based .SWF, Shockwave Flash, files that cause Web browsers to re-direct to the spammer’s site. Together, both of these new techniques accounted for less than 2 percent of spam in August, but MessageLabs expects these tactics will increasingly generate more spam in the coming months.

“Over the course of this year, spammers have been highly focused on using as many of Google’s free, hosted services as possible to distribute spam,” said Mark Sunner, Chief Security Analyst, MessageLabs. “Not only are the links contained within the spam emails difficult for traditional anti-spam filters to detect as they appear to be legitimate URLs, but it is also much more unlikely such filters will block emails based on the URLs they contain without causing significant collateral damage.”

Also in August, spam volumes rose by 160 percent resulting in an overall three percent increase in spam levels. The sharp rise in spam can be attributed to the aggressiveness of the Srizbi and Cutwail botnets, which both grew by between 20 and 25 percent in July and August. The profile of the increased spam activity was similar to spam runs seen in July with most spam arriving as short, text-based messages. However, the increased capacity of the botnets resulted in higher volumes of this spam. In addition, 64 percent of emails containing malicious links spoofed virtual greeting cards or fake online postcards, an increase of 51.8 percent since July.

“The new rogue anti-spyware program, Antivirus XP 2008, threatened businesses again this month both as the downloadable that arrives in an email with a Flash component advertising a free Microsoft upgrade and again as a dropper component in the emails spoofing virtual greeting cards and fake online postcards,” Sunner said. “When the link containing the executable is activated, it proceeds to install Antivirus XP 2008 on the victim machine. This contributed to the 12.2 percent increase in the proportion of email-borne malware contained in links to malicious sites, which represents 15.2 percent of all malware intercepted in August.”

Other report highlights:

Web security: Analysis of Web security activity shows that 23.9 percent of all web-based malware intercepted was new in August. MessageLabs also identified an average of 2,980 new websites per day harboring malware and other potentially unwanted programs such as spyware and adware, a decrease of 24.9 percent since July.

Spam: In August 2008, the global ratio of spam in email traffic from new and previously unknown bad sources was 78.2 percent (1 in 1.28 emails), an increase of 3.12 percent on the previous month.

Viruses: The global ratio of email-borne viruses in email traffic from new and previously unknown bad sources was 1 in 87.6 emails (1.14 percent), an increase of .47 percent since July. In August, 15.2 percent of email-borne malware contained links to malicious sites, an increase of 12.2 percent since July.

Phishing: In August, phishing activity fell by .36 percent compared with the previous month. One in 522.7 (0.19 percent) emails comprised some form of phishing attack. When judged as a proportion of all email-borne threats such as viruses and Trojans, the number of phishing emails has fallen by 65.3 percent to 16.8 percent of all email-borne malware threats intercepted in August.

Geographical Trends:

• In August, France became the most spammed country with levels reaching 82.8 percent of all email, an increase of 3.5 percent. The largest increase in spam levels this month was observed in Italy where spam levels rose by 13.9 percent to 71.3 percent.
• Spam levels in the UK reached 67.9 percent in August and 70.8 percent in Canada and 76.6 percent in the US. Germany's spam rate reached 69.5 percent and 73.1 percent in the Netherlands. Spam levels in Australia were 66.5 percent, 78.3 percent in China and 64.2 percent in Japan.
• The largest increase of 2.75 percent in virus activity was observed in Italy where virus levels of 1 in 35.3 put the country in second place for August.
• Virus levels for the US were 1 in 112.9 and 1 in 67.4 for the UK and 1 in 81.6 for Germany. In Australia, virus levels were 1 in 146.1 and 1 in 133.2 for Japan.

Vertical Trends:

• Spam in the Automotive sector rose the highest in August, by 6.3 percent to 83.6 percent.
• The largest decrease was noted in the Engineering sector where levels fell by 7 percent to 68.5 percent.
• Chemical and Pharmaceutical sector spam levels reached 70.5 percent, 72.3 percent for Retail, 69.9 percent for Public Sector and 66.5 percent for Finance.
• Virus levels increased across most industry sectors during August. Education had the highest increase of 1.52 percent to 1 in 28.9 emails containing malware. There was no decrease in virus levels for any sector during August.
• Virus levels for the IT Services sector were 1 in 96, 1 in 866 for Retail and 1 in 131.9 for Finance.

The August 2008 MessageLabs Intelligence Report provides greater detail on all of the trends and figures noted above, as well as more detailed geographical and vertical trends. The full report is available at http://www.messagelabs.com/intelligence.aspx.

MessageLabs Intelligence is a respected source of data and analysis for messaging security issues, trends and statistics. MessageLabs provides a range of information on global security threats based on live data feeds from our control towers around the world scanning billions of messages each week.