Viruses are back with a vengeance, statistics….

by Stephane

Viruses: more numerous, faster and more targeted

According to the statistics, the spam rate seems to have stabilized at around 55%. Botnets are being used less and less to send spam. Viruses, on the other hand, are on the increase: more numerous, faster and more targeted. They require extra care and vigilance on the part of all users. Let’s take each of these points in turn.

The following figures are based on all our customers, from 2005 to the present day. All graph data are smoothed over 1 week to avoid the “weekend effect” (fewer legitimate e-mails, therefore proportionately more spam).

Spam rate

The first graph represents the rate of spam received out of the total number of emails received. It shows the ratio of spam/mails received from 2005 to last week.

We can see a gradual increase in the number of unwanted e-mails received until 2009. The years 2009-2010 saw a significant increase in the number of spam messages, with an average of 90% of undesirable emails in mailboxes, rising to as much as 95% of incoming mail. On the other hand, the graph shows a significant drop in the number of spam messages received between April 2010 and February 2013.

Since February 2013, there have been successive rises and falls, with an average of 55% spam (regularly fluctuating between 40% and 70%) clogging up email users’ inboxes.

 

Rate of spam sent from a botnet

The graph below shows the ratio of the total number of spam messages sent via botnets to the total number of emails received per day from all our customers.

zombie-rates

The number of zombies, and the overall number of botnets used to send spam, fell steadily over the analysis period. At the current level, we can see that these networks are no longer used to send spam, or that there is less of it, or that it’s harder to identify!

Botnets versus spam numbers

This graph, showing the ratio of spam sent by botnets to spam received, confirms that spam received is now sent by just 10% of botnets , compared with over 50% in 2006.

rate-zombies-spam

We are finding that spam is becoming increasingly sophisticated, requiring ever greater resources to counter it. While detecting spam from botnets is straightforward and not very time-consuming, most of today’s spam is more sophisticated (very similar to legitimate email) and therefore more complicated to identify. Their analysis requires the use of more resource-intensive, and therefore more expensive, technologies.

For example, in the case of so-called ” president scams “, these are calculated and highly targeted mailings. The sender has taken care to analyze his victim, and to create a legitimate address valid for the occasion, to which the recipient can reply. Spam is extremely difficult to detect.

Number of viruses per email received

The graph below shows the ratio between the number of emails received containing a virus and the total number of emails received. Although these statistics do not take into account viruses contained directly in EXE-type files in particular (which are very important), as these emails are rejected upstream of our solution, viruses are still present and appear ever more dangerous.

virus-2009-2015

Over the last 6 months to 1 year, we’ve noticed a significant increase in the number of viruses. Their spread is increasingly rapid, and unfortunately often more so than antivirus updates themselves. For this reason, it is now highly recommended to have several antivirus programs running at the same time, or at least several antivirus databases.

Increasingly, we’re also finding that viruses are not known to any antivirus software at the time they are received (out of 57 antivirus software tested worldwide). These facts confirm the need to be highly reactive when it comes to antivirus updates, and above all to be equipped with an alternative system based on the detection of suspicious files: we invite you to read the following article on this subject https://www.altospam.com/actualite/2014/02/la-forteresse-daltospam-les-malwares/

What’s more, we’d really like to warn you about ransomware, which has been very active in recent months. At our level, we’re doing everything we can to block this particularly dangerous malware, first and foremost by setting up the anti-malware fortress mentioned above, but also by systematically blocking certain files. For example, compressed files containing executables are systematically rejected (see the following article https://www.altospam.com/actualite/2015/02/fichiers-bloques-par-altospam/).

In general, be very careful when opening attachments, especially when the e-mail seems dubious: never open executable attachments contained in zipped files.

We would be happy to let you test our Altospam solution at https://www.altospam.com/fr/test-gratuit.php.

 

Test Altospam’s solutions!

Thousands of companies, CTOs, CIOs, CISOs and IT managers already trust us to protect their e-mail against phishing, spear phishing, ransomware, …