Cloudmark’s Annual Threat Report for 2015 is now available and covers the following topics:
- A look at how enterprises are trying to combat spear phishing and how well these attempts succeed or fail, according to a new survey of 300 companies
- How the Swizzor malware propagates by camouflaging itself to evade spam filters
- The risks for brands that deploy Bitly’s URL shortener, heavily abused by spammers
- The progress made by Softlayer, Q3’s largest source of outbound spam, in dramatically reducing its outbound spam in Q4
- Cloudmark’s security predictions for 2016
- A country report on Germany, the largest source of outbound spam in Europe
You can download the full report online here or read the highlights below.
First, we examine the results of a new Cloudmark survey (conducted by Vanson Bourne) of 300 large businesses in the U.K. and U.S. to find out how effectively (or ineffectively) enterprises are combatting spear phishing. Businesses reported that the average cost of a successful spear phishing attack was $1.6 million; in the U.S. one in five companies reported a decrease in stock prices as a result of a spear phishing attack. Twenty percent of companies ranked spear phishing as their #1 security threat. More than 80 percent of companies estimated that spear phishing attacks are getting past their defenses.
Next, we take a look at the lesser-known Swizzor/Bayrob malware family, which serves up unsolicited ad content and modifies browser settings. This under-the-radar malware uses novel URL naming conventions built from common, simple words to disguise itself as normal traffic. By appearing as normal email traffic, the malware attempts to subvert typical email security and character distribution analysis.
We then focus on Bitly, a commonly used URL shortener which is a magnet for spammers. After detecting over 25,000 malicious emails a day coming from Bitly URLs, we approached Bitly to try to help them improve their filtering. As of our publication date, Bitly had not implemented any visible changes.
With better results, we’ve helped Softlayer, the largest source of spam in Q3, reduce its outbound spam by 80 percent during Q4. There’s still progress to be made, primarily due to Brazilian spammers, but we hope to see Softlayer further reduce its outbound spam.
We also turn our attention to the future and explore cybersecurity trends for 2016. Will IoT attacks become more lucrative? Will cyberattacks increasingly cross over into the real world? Will DDoS and ransomware continue to grow? We wonder if high tech companies will be driven out of the U.K. and which presidential campaigns will be hacked.
Our final piece focuses on spam passing through the European country that generates the most outbound spam: Germany. This phenomenon is primarily due to Brazilian companies legally using several German hosting providers to send high volumes of bulk marketing emails. While Germany’s spam output is several times that of traditional spam sources such as Russia, India, and China, Germany’s three largest hosting providers are responsible for 72% of the spam: Contabo GmbH, Hetzner Online GmbH, and Global Access Internet Services GmbH. Paradoxically, German consumers are subjected to very little inbound spam.
For more information, the full report is available here (where you can also download a PDF version).