Symantec Intelligence Report

    September 2011


Symantec Intelligence              1
The Symantec Intelligence Report
The new Symantec Intelligence Report combines the best
research and analysis from Symantec:
• Symantec.cloud MessageLabs Intelligence Report
• Symantec State of Spam & Phishing Report


The integrated Symantec Intelligence Report provides the
latest analysis of cyber security threats, trends and insights from
the Symantec Intelligence team.




September 2011 Highlights
• Spam – 74.8 percent in September (a decrease of 1.1 percentage points since August
  2011)
• Phishing – One in 447.9 emails identified as phishing (a decrease of 0.26 percentage points
  since August 2011)
• Malware – One in 188.7 emails in September contained malware (an increase of 0.04
  percentage points since August 2011)
• Malicious Web sites – 3,474 Web sites blocked per day (an increase of 1.0 percent since
  August 2011)
• 44.6 percent of all malicious domains blocked were new in September (an increase of 10.0
  percentage points since August 2011)
• 14.5 percent of all Web-based malware blocked was new in September (a decrease of 2.9
  percentage points since August 2011)
• Malicious emails masquerade as office printer messages
• Spammers exploit WordPress vulnerability to promote pharmaceutical spam Web sites
• Fake Offers with Fake Trust Seals
• Spammers and malware authors making increasing use of obfuscated JavaScript
• Best Practices for Enterprises and Users


Malicious emails masquerade as office printer
messages




  Some Other Interesting Subjects   Frequency
  Pornographic mail                        85
  Company Contract doc                     40
  Tax debt notification                    34
  Revenue ( IRS ) Department               25
  Printer Scanned doc                      21
  domain suspension mail                    9
  pornographic picture                      3

  File Name                                       Frequency
  Document_NR727875272_Coll=d4=c7=abcod.exe             410
  photo_W71765413082011_Coll=d4=c7=abgpj.exe            149

  NB. 24 hour snapshot, 13 September

Spammers exploit WordPress vulnerability to promote
pharmaceutical spam Web sites




Spam Rate & Sources
Additional Spam Metrics
Spam Attack Vectors




Additional Spam Metrics
Spam URL TLD Distribution

TLD                          September   August   Change (% points)
.com                             59.5%    57.6%                +1.9
.info                            10.5%    18.4%                -7.9
.ru                               8.1%     7.1%                +1.0
.net                              5.8%     5.8%                   0

 Average Spam Message Size

Message Size                 September   August   Change (% points)
0Kb – 5Kb                        48.1%    49.7%                -1.6
5Kb – 10Kb                       25.6%    35.2%                -9.6
>10Kb                            26.2%    15.0%               +11.2




Spam Subject Line Analysis
September 2011
Rank    Total Spam: Top Subject Lines                             No. of Days
1       UPS notification                                                    6
2       Uniform traffic ticket                                              4
3       You have notifications pending                                     22
4       SALE OFF: Pharmacy store!                                           2
5       (blank subject line)                                               31
6       Re: Windows 7, Office 2010, Adobe CS5 …                            12
7       Sarah Sent You A Message                                           11
8       Ed-Meds-Antidepressants-And-Pain Relief-Meds-8O%-OFF               25
9       Fw: Fw: Fw: Fw: Windows 7, Office 2010, Adobe CS5 …                 9
10      Fw: Windows 7, Office 2010, Adobe CS5 …                             9

August 2011
Rank    Total Spam: Top Subject Lines                                                                  No. of Days
1       (blank subject line)                                                                                    31
2       ED-Meds-Antidepressants-And-Pain Relief-Meds-8O%-OFF                                                    31
3       Buy Advanced Penis Enlargement Pill now, it is selling fast.                                            31
4       Made of the most potent clinically proven natural herbs.                                                31
5       Permanently increases length and width of your erection. Advanced Penis Enlargement Pill.               31
6       Advanced Penis Enlargement Pill. Permanently increases length and width of your erection.               31
7       my hot pics :)                                                                                          23
8       found you :)                                                                                            23
9       new pics for you..                                                                                      24
10      im online now                                                                                           23




Additional Spam Metrics
Global Spam Categories

     Category Name             September 2011   August 2011
     Pharmaceutical                     52.5%         40.0%
     Casino/Gambling                    16.0%          7.0%
     Unsolicited Newsletters            14.5%         11.5%
     Watches/Jewelry                     7.5%         17.5%
     Unknown/Other                       4.0%          2.5%
     Adult/Sex/Dating                    3.5%         19.0%
     Weight Loss                         1.5%         <0.5%
     Jobs/Recruitments                   1.0%          1.0%
     Software                            0.5%          0.5%
     Scams/Fraud/419                    <0.5%          0.5%
     Degrees/Diplomas                   <0.5%          1.5%
Phishing Rate & Sources




Phishing Rate & Sources

Phishing Web Sites Locations
Country          September       August
United States    50.4%            49.8%
Germany           6.2%             6.5%
United Kingdom    3.8%             3.8%
Canada            3.1%             3.7%
Russia            3.0%             3.0%
China             2.7%             2.5%
France            2.6%             2.7%
Brazil            2.5%             2.6%
Netherlands       2.3%             2.3%
Spain             1.5%            <0.5%




Tactics of Phishing Distribution




Organizations Spoofed in Phishing Attacks, by Industry
Sector




Virus Rate




Most Frequently Blocked Email Malware
   Malware Name                                   % Malware
   Gen:Trojan.Heur.FU.bqW@amtJU@oi                     5.1%
   Gen:Trojan.Heur.BDT.bqW@b8J!Mvci                    4.2%
   Gen:Trojan.Heur.BDT.bqW@bS6mfcai                    4.1%
   Exploit/Link-generic-ee68                           3.8%
   Gen:Trojan.Heur.FU.bqW@a8Y5GDei                     3.6%
   Gen:Trojan.Heur.BDT.bqW@bC6h06ii                    3.4%
   Trojan.Zbot                                         3.1%
   Gen:Trojan.Heur.FU.bqW@aiZha1gi                     3.0%
   Gen:Trojan.Heur.FU.bqW@a4wN11gi                     2.9%
   Gen:Trojan.Heur.FU.bqW@a0jG0qpi                     2.8%


• 72% of email-borne malware was associated with variants
  of generic polymorphic malware, including Bredolab,
  Sasfis, SpyEye and Zeus variants
New Malware and Spyware Sites Per Day
Web Security Services Activity:

 New Malware Sites per Day

 New sites with spyware          70/day

 New sites with web viruses   3,404/day

 Total                        3,474/day






• 44.6% of all malicious domains blocked were new in September; an
  increase of 10.0 percentage points compared with August

• 14.5% of all Web-based malware blocked was new in September; a
  decrease of 2.9 percentage points since August



Policy, Malware & Potentially Unwanted Programs




Most Frequently Blocked Malware at the Endpoint
  Malware Name                                   % Malware
  W32.Sality.AE                                       7.8%
  W32.Ramnit!html                                     7.1%
  W32.Ramnit.B!inf                                    6.2%
  Trojan.Bamital                                      6.1%
  W32.Downadup.B                                      3.9%
  W32.SillyFDC.BDP!lnk                                3.1%
  Trojan.ADH.2                                        2.8%
  Trojan.ADH                                          2.5%
  W32.Virut.CF                                        2.4%
  W32.Almanahe.B!inf                                  2.2%

• 20.8% of the most frequently blocked malware last month was identified and
  blocked using generic detection.


                         [1] For further information on these threats, please visit: http://www.symantec.com/business/security_response/landing/threats.jsp




Where to next?
• Web:
    – www.symanteccloud.com/intelligence
    – www.symantec.com/spam


• Twitter:
    – @symanteccloud




Ensuring Technical Readiness For Copilot in Microsoft 365
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 

2011 September Symantec Intelligence Report

  • 1. Symantec Intelligence Report, September 2011
  • 2. The Symantec Intelligence Report
       The new Symantec Intelligence Report combines the best research and analysis from Symantec:
         • Symantec.cloud MessageLabs Intelligence Report
         • Symantec State of Spam & Phishing Report
       The Symantec Intelligence Report integrated report provides the latest analysis of cyber security threats, trends and insights from the Symantec Intelligence team
  • 3. September 2011 Highlights
         • Spam – 74.8 percent in September (a decrease of 1.1 percentage points since August 2011)
         • Phishing – One in 447.9 emails identified as phishing (a decrease of 0.26 percentage points since August 2011)
         • Malware – One in 188.7 emails in September contained malware (an increase of 0.04 percentage points since August 2011)
         • Malicious Web sites – 3,474 Web sites blocked per day (an increase of 1.0 percent since August 2011)
         • 44.6 percent of all malicious domains blocked were new in September (an increase of 10.0 percentage points since August 2011)
         • 14.5 percent of all Web-based malware blocked was new in September (a decrease of 2.9 percentage points since August 2011)
         • Malicious emails masquerade as office printer messages
         • Spammers exploit WordPress vulnerability to promote pharmaceutical spam Web sites
         • Fake Offers with Fake Trust Seals
         • Spammers and malware authors making increasing use of obfuscated JavaScript
         • Best Practices for Enterprises and Users
  • 4. Malicious emails masquerade as office printer messages

       Some Other Interesting Subjects   Frequency
       Pornographic mail                        85
       Company Contract doc                     40
       Tax debt notification                    34
       Revenue ( IRS ) Department               25
       Printer Scanned doc                      21
       domain suspension mail                    9
       pornographic picture                      3

       File Name                                    Frequency
       Document_NR727875272_Coll=d4=c7=abcod.exe          410
       photo_W71765413082011_Coll=d4=c7=abgpj.exe         149

       NB. 24 hour snapshot, 13 September
  • 5. Spammers exploit WordPress vulnerability to promote pharmaceutical spam Web sites
  • 6. Spam Rate & Sources
  • 7. Additional Spam Metrics: Spam Attack Vectors
  • 8. Additional Spam Metrics

       Spam URL TLD Distribution
       TLD      September   August   Change (% points)
       .com         59.5%    57.6%   +1.9
       .info        10.5%    18.4%   -7.9
       .ru           8.1%     7.1%   +1.0
       .net          5.8%     5.8%   0

       Average Spam Message Size
       Message Size   September   August   Change (% points)
       0Kb – 5Kb          48.1%    49.7%   -1.6
       5Kb – 10Kb         25.6%    35.2%   -9.6
       >10Kb              26.2%    15.0%   +11.2
  • 9. Spam Subject Line Analysis

       September 2011, Total Spam: Top Subject Lines
       Rank   No. of Days   Subject Line
       1       6            UPS notification
       2       4            Uniform traffic ticket
       3      22            You have notifications pending
       4       2            SALE OFF: Pharmacy store!
       5      31            (blank subject line)
       6      12            Re: Windows 7, Office 2010, Adobe CS5 …
       7      11            Sarah Sent You A Message
       8      25            Ed-Meds-Antidepressants-And-Pain Relief-Meds-8O%-OFF
       9       9            Fw: Fw: Fw: Fw: Windows 7, Office 2010, Adobe CS5 …
       10      9            Fw: Windows 7, Office 2010, Adobe CS5 …

       August 2011, Total Spam: Top Subject Lines
       Rank   No. of Days   Subject Line
       1      31            (blank subject line)
       2      31            ED-Meds-Antidepressants-And-Pain Relief-Meds-8O%-OFF
       3      31            Buy Advanced Penis Enlargement Pill now, it is selling fast.
       4      31            Made of the most potent clinically proven natural herbs.
       5      31            Permanently increases length and width of your erection. Advanced Penis Enlargement Pill.
       6      31            Advanced Penis Enlargement Pill. Permanently increases length and width of your erection.
       7      23            my hot pics :)
       8      23            found you :)
       9      24            new pics for you..
       10     23            im online now
  • 10. Additional Spam Metrics

       Global Spam Categories
       Category Name             September 2011   August 2011
       Pharmaceutical                     52.5%         40.0%
       Casino/Gambling                    16.0%          7.0%
       Unsolicited Newsletters            14.5%         11.5%
       Watches/Jewelry                     7.5%         17.5%
       Unknown/Other                       4.0%          2.5%
       Adult/Sex/Dating                    3.5%         19.0%
       Weight Loss                         1.5%         <0.5%
       Jobs/Recruitments                   1.0%          1.0%
       Software                            0.5%          0.5%
       Scams/Fraud/419                    <0.5%          0.5%
       Degrees/Diplomas                   <0.5%          1.5%
  • 11. Phishing Rate & Sources
  • 12. Phishing Rate & Sources

       Phishing Web Sites Locations
       Country          September   August
       United States        50.4%    49.8%
       Germany               6.2%     6.5%
       United Kingdom        3.8%     3.8%
       Canada                3.1%     3.7%
       Russia                3.0%     3.0%
       China                 2.7%     2.5%
       France                2.6%     2.7%
       Brazil                2.5%     2.6%
       Netherlands           2.3%     2.3%
       Spain                 1.5%    <0.5%
  • 13. Tactics of Phishing Distribution
  • 14. Organizations Spoofed in Phishing Attacks, by Industry Sector
  • 16. Most Frequently Blocked Email Malware

       Malware Name                        % Malware
       Gen:Trojan.Heur.FU.bqW@amtJU@oi          5.1%
       Gen:Trojan.Heur.BDT.bqW@b8J!Mvci         4.2%
       Gen:Trojan.Heur.BDT.bqW@bS6mfcai         4.1%
       Exploit/Link-generic-ee68                3.8%
       Gen:Trojan.Heur.FU.bqW@a8Y5GDei          3.6%
       Gen:Trojan.Heur.BDT.bqW@bC6h06ii         3.4%
       Trojan.Zbot                              3.1%
       Gen:Trojan.Heur.FU.bqW@aiZha1gi          3.0%
       Gen:Trojan.Heur.FU.bqW@a4wN11gi          2.9%
       Gen:Trojan.Heur.FU.bqW@a0jG0qpi          2.8%

         • 72% of email-borne malware was associated with variants of generic polymorphic malware, including Bredolab, Sasfis, SpyEye and Zeus variants
  • 17. New Malware and Spyware Sites Per Day

       Web Security Services Activity: New Malware Sites per Day
       New sites with spyware           70/day
       New sites with web viruses    3,404/day
       Total                         3,474/day

         • 44.6% of all malicious domains blocked were new in September; an increase of 10.0 percentage points compared with August
         • 14.5% of all Web-based malware blocked was new in September; a decrease of 2.9 percentage points since August
  • 18. Policy, Malware & Potentially Unwanted Programs
  • 19. Most Frequently Blocked Malware at the Endpoint

       Malware Name             % Malware
       W32.Sality.AE                 7.8%
       W32.Ramnit!html               7.1%
       W32.Ramnit.B!inf              6.2%
       Trojan.Bamital                6.1%
       W32.Downadup.B                3.9%
       W32.SillyFDC.BDP!lnk          3.1%
       Trojan.ADH.2                  2.8%
       Trojan.ADH                    2.5%
       W32.Virut.CF                  2.4%
       W32.Almanahe.B!inf            2.2%

         • 20.8% of the most frequently blocked malware last month was identified and blocked using generic detection.

       [1] For further information on these threats, please visit: http://www.symantec.com/business/security_response/landing/threats.jsp
  • 20. Where to next?
         • Web:
             – www.symanteccloud.com/intelligence
             – www.symantec.com/spam
         • Twitter:
             – @symanteccloud