The February edition of Symantec’s 2011 MessageLabs Intelligence Report reveals that South Africa is the most targeted country by email malware, worldwide, with 1 in 81.1 emails being blocked as malicious during February.
South Africa also remains the most targeted by phishing emails with 1 in 32.5 emails being blocked as a phishing attack.
Spam accounted for 81 percent of the country’s email traffic. Overall, in February 2011, the global ratio of spam in email traffic increased by 2.7 percent and now counts for 81 percent of email traffic – 1 in 1.23 emails.
The Public Sector held its position as the most targeted industry in February with 41.1 emails being blocked as malicious. Most of this email-borne malware is transferred by malicious hyperlinks.
Attackers are also beginning to target users with PDF files that conceal malicious content. Many people still consider PDFs a relatively trusted file type, however PDFs are potentially one of the most dangerous file formats available as it is significantly easier to generate legitimate and concealed malicious content with PDFs than it is to do so with other file formats.
Since the end of January 2011, MessageLabs Intelligence has identified significant volumes of integrated attacks that make use of targeted techniques.
As February began, the attacks increased in number and these malware families were used to conduct simultaneous attacks via propagation techniques, signalling the likelihood of a common origin for these infected emails.
MessageLabs Intelligence identified that in February, there were at least 40 variants of malware associated with the Bredolab Trojan, accounting for approximately 10.3% of email-borne malware blocked in February. Bredolab is a familiar Trojan used to drop other forms of malware onto an infected PC.
All of these attacks made use of a ZIP archive attachment that contained an executable (either an EXE or SCR file extension) that comprised the malware code. In February, 1.5% of malware blocked comprised ZIP archive attachments.
“Since MessageLabs Intelligence began tracking targeted attacks, it appears that the overall percentage of targeted malware in circulation with office-based file formats, such as spreadsheets and documents, has diminished,” said Jason Ellis, Vice President EMEA Channels, Symantec.
“This is perhaps a result of the increased popularity of other file formats as they become easier to use. What is more intriguing, however, is that malicious executable files, such as EXEs have also increased in frequency, in addition to the most popular file format, PDFs.”
The full report is available for download at: http://www.messagelabs.com/resources/mlireports.aspx
South Africa most targeted by email malware in February << Comments and views