Security specialists at MessageLabs have uncovered data revealing a new trend in highly targeted C-level and senior management email attacks.
The attacks are so precisely addressed that the name and job title of the victim was included within the subject line of the email. An analysis of the positions targeted reveals that Chief Investment Officers accounted for 30% of the attacks, 11% were CEOs, CIOs almost 7% and CFOs were 6%. Other titles among the top ten targets, and accounting for almost 50% of the attacks, included directors of research, directors of development and company presidents.
These emails had a Microsoft Word document attached which contained embedded executable code. When opened, the executable code would activate a trojan component that would then compromise the victims computer.
Reinforcing these findings, MessageLabs has also recently intercepted emails where the recipients of the attack email are related or connected to the actual intended target, for example a spouse or dependent of a CEO. The intent is to compromise the family computer and indirectly gain access to confidential correspondence and intellectual property relating to the target.
Other significant trends this month include the continued innovation from spammers regarding image spam. Accounting for approximately 20% of all spam targeting businesses, image spam has evolved from static attachments to dynamic hosted images in the form of PDF attachments that mimic real market reports or collateral to entice recipients into believing the scam. With the traditional image spam included within a PDF, a commonly trusted attachment format, it can bypass traditional anti-spam technologies.
Other report highlights:
Vertical Trends:
Spam levels dropped slightly across the top five verticals - Agriculture, Manufacturing, Education, IT Services and Marketing/Media, with the top four positions unchanged since May. The Chemical/Pharmaceutical industry retained its position at the top of the virus chart for a second consecutive month (1 in 68.9).
Spam:
In June, the global ratio of spam in email traffic from new and unknown bad sources was 72.4%, a decrease of 0.3% on the previous month. When reviewing the overall spam rates on a quarterly basis, this is the third quarter with spam levels in excess of 73%. Levels at this rate were last reported in Q1 2005.
Viruses:
In June, the global ratio of viruses in email traffic from new and previously unknown bad sources destined for valid recipients, was 1 in 127, a decrease of 0.06% since May. With Q2 2007 virus levels falling to 1 in 130.2, it may appear that virus levels have reached their lowest quarterly level since Q2 2003. However, the sophistication in techniques is reaching new heights and hence has become increasingly more difficult for traditional anti-virus countermeasures to safeguard.
Phishing:
June showed a decrease of 0.17% in the proportion of phishing attacks compared with the previous month, with one in 123.6 emails being a phishing attack. However, the number of phishing attacks increased by 0.81% as a proportion of all email-borne threats, now accounting for 72.2 of all malicious malware threats intercepted by MessageLabs in June. Overall for the quarter, phishing activity accounted for 70.8% of the malware threats, and increase of 8.6% on the previous quarter. For the same period in 2006 this level was around 12.1%.
For more information, download the (safe) PDF at here (1.7 MB).
Interested in information related to this topic? Subscribe to our twice-monthly Information Technology eNewsletter.
