Over 95 billion phishing emails will be sent this year and spam will account for no less than 89.1% of all electronic mail messages.
The stats, which come as part of an audit by security giant Symantec on what it calls a "record year for malware," surely tell us that email is just not an appropriate business communications medium any longer.
Symantec subsidiary MessageLabs’ Intelligence Report (which you can download from here) actually goes further – that in August it actually hit 92.2%. That’s spawned by the millions of botnets out there pumping out crap to us – the firm doesn’t know if that figure is 3.5 or even 4.4 million, by the way.
Meanwhile, the average number of new malicious web sites blocked each day rose to 3,066, well up on 2009’s 2,465 – a 24.3% rise. Symantec said it identified 339,673 different strains of malware among the 115.6 million emails that it blocks during the year and as stated above, 95.1 billion phishing emails are projected to be in circulation in 2010.
The report is very interesting on the international dimension of all this. At the end of 2009, 96% of spam sent was in English, but this number has slowly declined during 2010, falling to an all-time low of 90% in August, where it has remained since and 10% of spam is now sent in local languages. The bulk of spam was sent from Asia and South America at the start of the year, but by the end of the year the majority was sent from Europe, accounting for approximately 30% of global spam.
How much of email is not just useless spam but actually contains harmful material? In 2010, the average rate for malware in email traffic was 1 in 284.2 emails (0.352%), almost unchanged when compared with 1 in 286.4 (%) for 2009. But of that, nearly a quarter, 23.7%, of malware blocked in 2010 contained a malicious link within the body of the message, compared with 15.1% in 2009. In 2010, there were over 339,600 different malware strains identified in emails blocked, representing over a 100-fold increase compared with 2009.
One of the biggest problems is drive-by attacks, where legitimate web sites are inadvertently affected with malware; of 42,926 domains identified as malicious in 2010, the majority were such compromised legit domains. And roughly 200 to 300 corporations are targeted each month with specific malware meant for that organisation alone.
There’s also a growing trend to take advantage of events like the World Cup to spread malware and cyber criminals have also taken to disguising malware in short links and social networks to lure their victims.
The report does not suggest any solution – it’s just a very informed mapping out of the problem. I have a solution and I think it is also one that Gen Y have already started; stop using email. It’s all SMS, MMS and IM – and you can’t blame them.
Or maybe we should go back to snail mail and the telephone? Last time I looked, none of these idiot hackers had started polluting those communication media…