New York and London – October 30, 2008 - MessageLabs, the leading provider of messaging and web security services to businesses worldwide, today announced the results of its MessageLabs Intelligence Report for October 2008. Analysis highlights the increase of spam blogs on Google Blogspot and a rise in spam sent using fake MobileMe (formerly mac.com) accounts as a result of spammers finding it easier to obtain CAPTCHA (Completely Automated Public Turing Tests to tell Computers and Humans Apart) breaking tools. To maximize the use of the fraudulent MobileMe email addresses, spammers link them with fake accounts created on social networking sites.

“With the exploitation of Google Blogspot and MobileMe, we are again seeing two common spamming practices converge – CAPTCHA breaking techniques and exploitation of free hosted services,” said Mark Sunner, Chief Security Analyst, MessageLabs. “The spammers are now taking it one step further and experimenting with the capabilities of social networking sites, like Bebo. As a result, users of social networking sites are receiving more buddy requests from fake profiles wishing to connect.”

Halloween again remains a time for spammers to distribute appropriately themed spam. This year, the spammers are advertising Halloween sales in the subject lines of traditional spam emails touting herbal remedies and sexual enhancement drugs. This type of spam was part of a larger campaign that made up about one percent of spam using the same body message in each case. Halloween was one of many subjects used in this campaign which originated from the Srizbi botnet.

Also in October, MessageLabs saw an increase in phishing attacks spoofing banks as the global credit crisis worsened. Between September and October, the volume of phishing attacks rose by 103 percent as scammers sought to take advantage of the confusion surrounding potential mergers and bailouts.

“Now is the time that spammers are taking advantage of the headlines and holidays to catch PC users with their guard down,” Sunner said. “It is very possible that this month’s spam is just an appetizer to what will ensue in the coming months. The spammers are just getting warmed up.”

Other report highlights:

Web security: Analysis of Web security activity shows that 4.9 percent of all web-based malware intercepted was new in October. MessageLabs also identified an average of 5,424 new websites per day harboring malware and other potentially unwanted programs such as spyware and adware, an increase of 48.2 percent since September.

Spam: In October 2008, the global ratio of spam in email traffic from new and previously unknown bad sources was 69.7 percent (1 in 1.43 emails), a decrease of .4 percent on the previous month.

Viruses: The global ratio of email-borne viruses in email traffic from new and previously unknown bad sources was 1 in 141.4 emails (.71 percent) in October, a decrease of .05 percent since September. In October, 3.6 percent of email-borne malware contained links to malicious sites, a decline of 2.7 percent since September.

Phishing: October saw an increase of .08 percent in the proportion of phishing attacks compared with the previous month. One in 233.3 (0.43 percent) emails comprised some form of phishing attack. When judged as a proportion of all email-borne threats such as viruses and Trojans, the number of phishing emails has increased by 13.7 percent to 59.4 percent of all email-borne malware threats intercepted in October.

Geographical Trends:

• In October, spam levels in Hong Kong fell by 1.4 percent but the country retains its place as the most spammed country with levels reaching 78.3 percent of all email. The largest increase was observed in Israel, where spam levels rose by 2.6 percent to 67.3 percent. The greatest decrease was in Singapore, where the level fell by 3 percent to 65.4 percent.
• Spam levels in the US reached 71.9 percent in October, 68.2 percent in Canada and 67.0 percent in the UK. Germany's spam rate reached 66.7 percent and 66.2 percent in the Netherlands. Spam levels in Australia were 69.9 percent, 74.5 percent in China and 68.0 percent in Japan.
• Virus activity rose by 0.31 percent to 1 in 88.6, the largest increase in October. A decline of 0.9 percent, the highest for October, was observed in France where virus activity reached 1 in 73.6.
• Virus levels for the US were 1 in 253.0 and 1 in 156.4 for the Canada. For the UK, virus levels reached 1 in 85.3, 1 in 241.8 in Australia and 1 in 262.7 for Japan.

Vertical Trends:

• With a decrease of 3.0 percent, the Manufacturing sector maintained its position as the spammed industry sector, with a spam rate of 75.7 percent. The largest increase was noted in the Engineering sector where spam levels rose by 12.3 percent to 78.3 percent.
• The largest decrease was noted in the Recreation sector where levels fell by 7.1 percent to 69.2 percent.
• Chemical and Pharmaceutical sector spam levels reached 67.7 percent, 70.6 percent for Retail, 64.8 percent for Public Sector and 64.5 percent for Finance.
• Virus activity rose by 0.81 percent in the Education sector, the largest increase in October, to 1 in 51.2 The greatest decline was observed in the Real Estate sector, where virus activity decreased by 0.44 percent to 1 in 112.3.
• Virus levels for the IT Services sector were 1 in 144.2, 1 in 182.6 for Retail and 1 in 199.8 for Finance.

The October 2008 MessageLabs Intelligence Report provides greater detail on all of the trends and figures noted above, as well as more detailed geographical and vertical trends. The full report is available at www.messagelabs.com/intelligence.

MessageLabs Intelligence is a respected source of data and analysis for messaging security issues, trends and statistics. MessageLabs provides a range of information on global security threats based on live data feeds from our control towers around the world scanning billions of messages each week.