According to messaging security experts MessageLabs there has been a 100 percent rise in the amount of spam from Gmail during February, along with a worrying 200 percent increase in targeted Trojan attacks.

The February MessageLabs Intelligence Report, published today, paints a sorry picture as far as IT security is concerned, and much of the blame seems to be laid at the doorstep of web based email services. Indeed, the report suggests that 4.6 percent of all spam originates from Web mail-based services. Even allowing for the fact that Gmail spam has doubled, much of it promoting adult themed websites apparently, it is Yahoo! Mail which is the villain of the piece as it is responsible for sending 88.7 percent of all Web mail-based spam MessageLabs says.

Targeted Trojan attacks increased in February to 30 per day, focusing specifically on smaller numbers of targets so as to stay below the security industry radar where possible. One particular attack, MessageLabs reports, involved 900 targeted Trojans that were intended for named senior business executives worldwide. This made use of multiple attack vectors including compromised websites and malicious downloads.

"There are several approaches a spammer can take to defeat a CAPTCHA," said Mark Sunner, Chief Security Analyst, MessageLabs. "Whether they do so using an algorithm, a 'mechanical turk' or combination of the two, email providers are feeling the pressure to keep pace but are limited to what a human can realistically solve creating ever more doubt surrounding the long-term effectiveness of the CAPTCHA as a security mechanism for protecting email services from abuse. Online criminals are going to greater lengths than ever before to reach their targets. Not only are we seeing a significant increase in the number of targeted Trojan attacks, but they often appear to be based on prior intelligence gathered about their targets. At the same time though, more and more businesses are protecting themselves against potential threats by only allowing employees to access pre-approved websites."

About the Author

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.


The Gmail spam; is that actually from Gmail itself or its users? As I don't recall ever seeing spam from Gmail lol

Dazza :cool:

I think the report looks at spam coming from users of a system, rather than from the operators itself :)