Saturday, December 8, 2007

Mass Mailers Top November Security Threats

Fortinet, a network and Internet security agency, has released a list of the top 10 security threats that plagued networks and users during the month of November. As the list below shows, a collection of mass-mailer viruses topped the charts. The rise of mass mailers can be directly linked not only to the upcoming holiday and shopping season but also to a general increase in online advertising. This led to the emergence of viruses like Clicker.AC, which has code that is specifically designed to bypass browsers' pop-up blocking technology.

Another example of the increasing sophistication of malware is Stration.JQ, which relies on an advanced social engineering strategy based on dual attachments. While the email received by end users aims at misleading them by providing instructions for personal account access, the innovation lies in the attachments: an "authorization module", which is in fact Stration.JQ, coupled with a PDF attachment containing financial information such as an invoice, a fee analysis, etc. The content of the email and PDF are both intended to stir the user's curiosity and make the request sound legitimate, therefore tremendously increasing the click-through rate of the mass mailer. Unfortunately, any user opening the "authorization module" will turn her/his computer into a bot.

"Hacking legitimate site content to host malicious code has become very common. This month, many trusted Internet sites were unwittingly 'hosting' flash advertisements injected with encrypted redirects, forcing users to visit other sites once the ad was displayed. More determined efforts to conceal malware using trusted sources are likely to be made as we enter into the busy holiday season of December," said Derek Manky, security research engineer at Fortinet. "Examples of adware such as Clicker.AC illustrate the trend in what is becoming the blend between malware and grayware and further emphasizes the need for threat awareness, not only from the end user's perspective, but also for corporations and their affiliates."

| Rank | Threat Name | Threat Type | % of Detections |
|------|-------------|-------------|-----------------|
| 1 | W32/Netsky!similar | Mass mailer | 10.87 |
| 2 | HTML/Iframe_CID!exploit | Exploit | 8.21 |
| 3 | HTML/Clicker.AC!tr | Trojan | 6.60 |
| 4 | W32/ANI07.A!exploit | Exploit | 5.14 |
| 5 | W32/Stration.JQ@mm | Mass mailer | 3.11 |
| 6 | W32/MyTob.CJ@mm | Mass mailer | 2.42 |
| 7 | W32/Bagle.DY@mm | Mass mailer | 2.25 |
| 8 | W32/Grew.A!worm | Worm | 2.09 |
| 9 | Adware/TCent | Adware | 1.86 |
| 10 | Adware/Bdsearch | Adware | 1.71 |
