A Microsoft security report has 'revealed' that some 97 percent of the emails travelling across the Internet are actually unwanted spam. Well duh, like I didn't realise it was such a big problem. Actually, I didn't, to be fair. Mainly because just about every other security report I have read over the last six months or so has put the volume of spam at around 80 percent. Quite why the Microsoft report has such a huge jump on everyone else has yet to be explained to me.

But it gets better. The report also reckons that drug spam is the biggest problem, and that some of this unwanted email even comes complete with malicious attachments. Shock, horror, those attachments are increasingly coming as MS Office documents or PDF files as well.

Microsoft's Chief Cyber Security Advisor, and a man I actually respect greatly, Ed Gibson, told the BBC that this rise in spam signalled a move from targeting software vulnerability to instead homing in on the user as the weakest link. "With higher capacity broadband and better OS, and higher power computers it is easier now to send out billions of spams. Three or four years ago the capacity wasn't there," Gibson said.

Other revelations in the report include: rogue antivirus software is on the way up and software vulnerabilities are on the way down. But when it comes to surprises, there is perhaps the fact that while "Microsoft software accounted for 6 of the top 10 browser-based vulnerabilities attacked on computers running Windows XP", when it came to those running Windows Vista that number was a big fat zero.

Sticking with the surprises, while I kind of expected the United States to be named and shamed as the country hosting the highest number of phishing sites, I did not know that Texas was the individual state claiming the title of host with the most.

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.

Do you suppose that MS genuinely don't realise that it is their history of shoddy (and sometimes non-existent) security practices that have resulted in this deluge or are they just playing the Gordon Brown card and steadfastly refusing to apologise as if it were really somebody else's fault?

