According to messaging security experts MessageLabs there has been a 100 percent rise in the amount of spam from Gmail during February, along with a worrying 200 percent increase in targeted Trojan attacks.
The February MessageLabs Intelligence Report, published today, paints a sorry picture as far as IT security is concerned, and much of the blame seems to be laid at the doorstep of web based email services. Indeed, the report suggests that 4.6 percent of all spam originates from Web mail-based services. Even allowing for the fact that Gmail spam has doubled, much of it promoting adult themed websites apparently, it is Yahoo! Mail which is the villain of the piece as it is responsible for sending 88.7 percent of all Web mail-based spam MessageLabs says.
Targeted Trojan attacks increased in February to 30 per day, focusing specifically on smaller numbers of targets so as to stay below the security industry radar where possible. One particular attack, MessageLabs reports, involved 900 targeted Trojans that were intended for named senior business executives worldwide. This made use of multiple attack vectors including compromised websites and malicious downloads.
"There are several approaches a spammer can take to defeat a CAPTCHA," said Mark Sunner, Chief Security Analyst, MessageLabs. "Whether they do so using an algorithm, a 'mechanical turk' or combination of the two, email providers are feeling the pressure to keep pace but are limited to what a human can realistically solve creating ever more doubt surrounding the long-term effectiveness of the CAPTCHA as a security mechanism for protecting email services from abuse. Online criminals are going to greater lengths than ever before to reach their targets. Not only are we seeing a significant increase in the number of targeted Trojan attacks, but they often appear to be based on prior intelligence gathered about their targets. At the same time though, more and more businesses are protecting themselves against potential threats by only allowing employees to access pre-approved websites."