New York and London – June 4, 2007 – MessageLabs, a leading provider of integrated messaging and web security services to businesses worldwide, today announced the findings of its MessageLabs Intelligence Report for May 2007. In this report, the data shows an increase in sudden spam surges, or ‘spam spikes’. Virus and phishing rates increased this month and while spam rates decreased overall, MessageLabs identified new image spam techniques using image hosting sites.

Spam spikes occur when individual domains are targeted in a particularly aggressive spam attack. In one spam spike that lasted only 11 hours, more than 10,000 spam messages were attempted, accounting for more than 75 percent of the total messages received by the domain during the entire period. This type of attack is a threat to enterprises and can be detrimental to small-and medium-sized businesses resulting in an overload of email servers, which can defeat appliance-based anti-spam systems that rely heavily on signatures created over a long period of time to counteract the attacks. A spam spike is designed to increase the amount of spam that gets through a network while a distributed denial of service (DDoS) attack disrupts connectivity. However, a spam spike can have an effect similar to that of a DDoS attack.

“This month the bad guys continued with their aggressive attacks by developing new tactics to fly under the radar and cause the most damage,” said Mark Sunner, Chief Security Analyst, MessageLabs. “With the increase in spam spikes and new techniques with image spam, it is crucial for businesses to take a multi-layered security approach among email, Web and IM to protect their employees and their systems completely from these malicious attacks.”

Analysis of this month’s data showed that spammers continue to innovate and employ new methods to elude traditional anti-spam solutions. Rather than embedding images in the body of an email message, spammers are now hosting images on sites that do not require registration and include links to those sites or an HTML image in the email message. The group using this new image spam technique is the same group repsonsible for the recent abuse of Imageshack. Without registration requirements or validation of image sources on such hosting sites, MessageLabs predicts that this scheme will continue.

Other report highlights:

Spam: In May, the global ratio of spam in email traffic from new and unknown bad sources, for which the recipient addresses were deemed valid, was 72.7 percent, a decrease of 3.4 percent from last month. Image spam accounted for 15-20 percent of spam this month.

Viruses: The global ratio of email-borne viruses in email traffic from new and previously unknown bad sources destined for valid recipients, was 1 in 118.2 emails, an increase of 0.16 percent since April. MessageLabs again conducted analysis on the highly specialized targeted attacks intercepted during May and found that 595 emails in 180 different domains for 168 clients were stopped. Although the numbers are down slightly from the previous month, 64 percent of the attacks exploited vulnerabilities in Microsoft Word, 17 percent exploited Microsoft Excel, and 14 percent exploited Microsoft PowerPoint.

Phishing: In May, phishing rates were highest since December 2006.

May showed a rise of 0.4 percent in the proportion of phishing attacks compared with April. One in 156.3 emails comprised some form of phishing attack. Phishing emails accounted for 78.9 percent of malicious email traffic intercepted in May, including emails that contained email-born threats such as viruses and trojans, a 43.9 percent jump from the previous month.

Geographical Trends:

• Although spam rates overall have decreased for the month, Israel continues to have the month’s highest spam rate at 61.6 percent.
• Despite a fall in virus levels of 0.09 percent this month, India continues to lead the virus chart with a virus level of 1 in 32.6.
• China saw a 1.07 percent rise in virus rates this month giving it the second highest rate worldwide with 1 in 44.6.

Vertical Trends:

• The Agriculture vertical was the only sector to see an increase in spam in May. Rates rose 8.1 percent putting Agriculture at the top of the vertical spam list with 63.1 percent.
• The Building & Construction vertical saw the largest decrease in spam with rates falling 11.1percent.
• The greatest rise in virus rates came in the Chemical & Pharmaceutical vertical at 0.65 percent raising the rate to 1 in 64.9 and pushing the vertical to the top of the vertical virus chart.
• The Business Support Services sector dropped from the top five this month as a result of the largest virus rate decrease across all sectors of 1 percent.
• The May 2007 MessageLabs Intelligence Report provides greater detail on all of the trends and figures noted above, as well as more detailed geographical and vertical trends.
  
  The full report can be downloaded here.

MessageLabs Intelligence is a respected source of data and analysis for messaging security issues, trends and statistics. MessageLabs provides a range of information on global security threats based on live data feeds from our control towers around the world scanning billions of messages each week.

MessageLabs (Booth # 217) will be exhibiting at the Gartner IT Security Summit June 4-6 in Washington D.C. Mark Sunner, Chief Security Analyst, MessageLabs, will present a Solution Provider Session on the Security Landscape on Tuesday, June 5 at 1:30 p.m. immediately followed by a Case Study Session, Software as a Service Model, at 2:05 p.m.