Spam levels are currently approximately half what they were a year ago. The boom years for spammers were from 2008 to 2010 when botnets roamed freely without significant hindrance from authorities. The decline in spam levels from 2010 to today is due to a number of factors:

- Crackdown by authorities on botnets such as Rustock, Mega-D, Cutwail, Festi, Lethic and Grum.

- Closure of spam affiliate programs such as Spamit.com

However Spam levels still constitute up to 75% of a typical organisations inbound email which means that companies cannot neglect their email security layers. Now whilst Spam volumes have declined the actual threat to organisations has increased significantly. In the last five years the number of inbound emails with executable attachments has increased by over 300%. Almost 70% of all Spam comes from three sources:

- Lethic (29.1%)

- Cutwail and its variations (28.3%)

- Grum (15.7%)

One in ten messages was found to be malicious with a split between malicious attachments (3.3%) and malicious links (6.8%).

Spam packaged in realistic-looking templates and often mimicking major brands was a major issue in 2012. This spam mostly originated from Cutwail bots, with links leading to installations of the Blackhole exploit kit, which then seeks to install malware. Such spam campaigns are on-going, widespread and change templates daily to get ahead of the email filtering services, business antivirus software & other IT security businesses have in place, and the list of impersonated brands includes most major companies in business today.

These campaigns work as the messages are carefully crafted to be convincing. One Blackhole server had a 10% exploit rate after people clicked the link in the spam message.

----------------------------

Topsec Technology recommends that organisations treat every message with suspicion and carefully check URLs by hovering over links. Virtually all the exploits targeted by Blackhole are public, and patches are available, ensuring that business antivirus software is up to date. This provides protection along with email filtering services to reduce inbound spam and a secure web gateway to prevent users from accessing bad links.

----------------------------

Feel free to Contact the team at Topsec Technology to discuss the best Secure Internet Solutions to protect your business or Download a Free Trial.