Symantec Connect
  • Login
  • Register
  • All of Connect
    • All of Connect
    • Backup and Archiving
    • Endpoint Management & Virtualization
    • Storage and Clustering
    • Security
    • Inside Symantec
    • Vision User Conference
    • Partners
    • Developers
    •  
  • Overview
  • Forums
  • Articles
  • Blogs
  • Downloads
  • Events
  • Videos
  • Groups
  • Ideas

Security Response: Showing posts tagged with Endpoint Protection (AntiVirus): Showing posts by Eric ParkSyndicate content

Login to participate
Spam and Phishing Landscape: March 2010
Eric Park | March 11, 2010
0 comments

In February, spammers continued to use the news of the earthquake in Haiti and the recent earthquake in Chile as another vector to utilize. Scam and phishing messages accounted for 19 percent of all spam in February, which is 2 percentage points lower than in January, but nevertheless an elevated level.

In addition to spam tactics involving current events, this month’s report also highlights international threats. While spam is truly a global problem affecting all countries, the report showcases spam and phishing threats in four high growth, emerging countries often referred to as the “BRIC”: Brazil, Russia, India, and China.

For these discussions and much more, download the March 2010 Symantec State of Spam & Phishing Report [PDF], which highlights the following trends:

•    Still No Sympathy...

Read more
Tags: Endpoint Protection (AntiVirus), Online Fraud, Security, Spam, Security Response
Beware of Targeted Scams and Phishing Attacks!
Eric Park | March 2, 2010
0 comments

According to Symantec’s latest State of Spam and Phishing report, scam and phishing messages accounted for 21 percent of all spam, which is the highest level recorded since the inception of the report. For comparison, these types of spam represented only 10 percent of total spam a year ago.

Historically, the primary vector for spam attacks was to blast out as many messages as possible, hoping that someone would open a message and click on the call to action. The call to action could be anything from clicking on a link to purchase medications, to visiting an adult website. While we continue to see high volumes of spam originating from expansive botnets, spammers are also moving towards a sophisticated and more targeted approach to spam. Two primary examples of this trend are 419/Nigerian type scams and phishing messages.

While 419 spam (a.k.a., the Nigerian scam) has been around for a long time, the content that...

Read more
Tags: Endpoint Protection (AntiVirus), Online Fraud, Security, Spam, Security Response
Spam and Phishing Landscape: February 2010
Eric Park | February 12, 2010
0 comments

Here’s some news! Starting from this month, we will be combining the monthly State of Spam and State of Phishing reports into one: State of Spam & Phishing Report.

This month’s report carries detailed articles on what spammers have been up to with the recent Haiti earthquake tragedy, as well as the upcoming Valentine’s Day. Both include tips for users to avoid becoming victims of spam. For these articles and much more, download the February 2010 State of Spam & Phishing Report, which highlights the following trends:

•    No Sympathy From Spammers
•    Spam Calendar of Events
•    CNNIC Clamps Down
•    Will the Trend Continue?
•    January 2010: Spam Subject Line Analysis...

Read more
Tags: Endpoint Protection (AntiVirus), Security, Spam, Security Response
Spam and Phishing Landscape: January 2010
Eric Park | January 13, 2010
0 comments

Notable highlights this month include the shift of the regions of message origin, and changes in the average size of spam messages.
 
•    In recent months, APJ and South America have been taking the spam share away from the traditional leaders of North America and EMEA. However, North America and EMEA together sent 57 percent of spam messages in December 2009, compared with 50 percent in November 2009.
•    With respect to the average size of the messages, the 2kb – 5kb message size category increased by seven percent, while the 5kb – 10kb message size category decreased by six percent in December 2009.
•    With respect to all spam categories, health and product spam have increased and now account for 52 percent of all spam messages.

Click here to download the...

Read more
Tags: Endpoint Protection (AntiVirus), Online Fraud, Security, Spam, Security Response
Malicious Greeting from Your “Friend”
Eric Park | July 8, 2009
0 comments

With the soaring popularity of social networking sites, it is no surprise that spammers try to take advantage of them. In the past, spammers would register their own accounts and then send unsolicited messages through the social networking site. By default, the site generated automated email to let the user know that there is a new message. While such notifications are technically legitimate, the user would have most likely considered the messages as spam, due to the unsolicited content. For spammers, this technique had a shortcoming—the message sent to the user was from an unknown person/entity.

Recently, Symantec has observed a rise in a newer technique of social networking site abuse. The below example is a legitimate notification from Facebook that informs the user of a new private message:

imagebrowser image

As noted above, the message itself is not spam because...

Read more
Tags: Endpoint Protection (AntiVirus), Emerging Threats, Security, Spam, Security Response
“Text with Tables” Technique for Evading Spam Filters
Eric Park | July 8, 2009
0 comments

Spammers are always searching for ways to bypass anti-spam filters. While the “text with tables” technique is not new, it is worth noting because it demonstrates spammers’ creativity, as well as their utilization of existing techniques.

When spammers first used table HTML codes, it began as a simple table with various cells filled in with different colors to render what looked like regular text. This basic technique has since evolved into something more complex—spammers are using a table within a table.

In the example below, the spammer first defines an outer table (137 x 43). Then, each row of the outer table itself is defined as a table. These inner tables feature a unique cell length (defined by COLSPAN) and background colors.

imagebrowser image

Carefully crafted, the above HTML shows this when rendered:

...

Read more
Tags: Endpoint Protection (AntiVirus), Security, Spam, Security Response
Phishing, All-In-One
Eric Park | June 29, 2009
0 comments

A typical phishing email message tries to represent (falsely) a single institution. For example, a spammer sends a phishing message, forging the email to appear as if it’s from a financial institution. The recipient is then asked to enter personal information for some fictional reason (for example, “verify your identity”). In an effort to obtain as much information as possible about the unsuspecting user, the spammer usually asks for more information than what is asked at a legitimate website. While a legitimate site may only ask for username and password, a phishing site usually seeks additional information such as a credit card or pin number, mother’s maiden name, and/or a social security number. Once the user hits the “submit” button, the private information is sent into the hands of criminals.

Symantec has recently observed a spam message that is pretending to be from HM Revenue & Customs in the United Kingdom. The message is very...

Read more
Tags: Endpoint Protection (AntiVirus), Online Fraud, Security, Spam, Security Response
Sharing is Caring, Even for Spammers
Eric Park | June 23, 2009
0 comments

With more people using the Internet now than ever before, free homepage hosting providers are increasing in popularity. These sites offer users free Web space so that they can make their own homepage, publish it, and share with friends and family. When the popularity of this type of service was near its peak, spammers began to use these websites as part of their spamming efforts. This was accomplished through the creation of many free websites, often using automation, and sending spam with a newly created webpage URL. The randomization of such URLs hindered typical anti-spam efforts. When an unsuspecting user clicked on one of these newly created URLs, more often than not they were taken to a page similar to the one shown here:

 

 

While this spam material (online pharmacy spam) is...

Read more
Tags: Endpoint Protection (AntiVirus), Security, Spam, Security Response

About Security Response Blog

Our security research centers around the world provide unparalleled analysis of and protection from malware, security risks, vulnerabilities, and spam.
Filter by:

Blog Tags

10.x 11.x 9.x and Earlier Antivirus2010 Backdoor.Tidserv Brightmail Gateway Emerging Threats Endpoint Encryption Endpoint Protection (AntiVirus) Endpoint Protection Small Business Enterprise Security Manager Evolution of Security General Symantec IT Healthcare Landscape IT Risk Management Internet Security Threat Report Live PC Care Malicious Code Misleading Applications Mobile & Wireless Online Fraud Password Management Restore Security Security Risks Spam Sykipot SymbOS.Exy Symbian Trojan.FakeAV Trojan.Zbot VirusDoctor Vulnerabilities & Exploits Windows Zeus
© 2010
  • Symantec Corporation
  • Contact Us
  • Get RSS
  • Privacy Policy
  • Symantec.com