Spam Intelligence: January 2015



23rd January 2015
There's no real surprise when we talk to customers that Spam is still a topic that can cause a lot of discussion and can often cause frustration. It's an area we take pretty seriously which is why back in 2012, we made considerable investment in improving our Cloud Anti-Virus & Anti-Spam Platform to better address issues that are caused by the disruption and time wasting of dealing with it.

Virus and Malware Infected E-Mail, combined with more basic spam is actually a pretty significant part of the overall volume of e-mail we process - in fact at times it can reach greater than 80% of all the e-mail we process. That's a number worth remembering because it has a lot to answer for!

Global companies such as Trend Micro say that between 2012 and 2013 they've seen increases of about 60% in the volume of spam - and we'd tend to agree. Stats do vary because of our customer mix, geographical interests and so on. It's actually one of the reasons more recently we've started noticing some really huge spam waves that are spoofing UK companies and aimed at being received by UK companies also.

There's clear logic in this too - after all, if someone in the UK receives an e-mail purporting to be a company that's based in the US for example, there's more chance of them deleting or or otherwise being suspect of it. However, if that e-mail is from a well known UK brand, especially if there's a chance they might have a relationship with them - they're more likely to fall foul and thereby achieve the aims of the spammers.

So what have we noticed?

In the past few weeks, we've noticed:

Low Time High Volume UK Centric Attacks

Perhaps the most obvious trend is that we're seeing more and more short-term, high-volume waves of spam. Notable cases in the last couple of weeks include waves that started in the early morning and slow down from around 2pm onwards. One such example was continual e-mails purporting to be from a company called "Datasharp". They're actually an Telecomms company in Cornwall - perfectly legitimate, but they were victims of a bit of online identity misuse - so e-mails not generated by them claimed to be. We were seeing volumes in excess of 300 messages a minute at peak claiming to be them. That's something like 18,000 messages every hour supposedly claiming to be them in just one spam attack. They're generally repetitive types of message, and our systems rapidly pick them up and start blocking them, but the potential legitimacy is there - users stated in the e-mails are real people. the companies are real, identifiable and genuine.

A Risk in Attachment Based Attacks

Equally, and not unrelated is the trend for a malicious e-mail to contain attachments again - and not simply provide links to an infected/compromised web site. In fact, it's on the rise by our data with more recent weeks resulting in a huge rise in much larger e-mails containing attachments. There's plenty of logic - many defence systems skip messages over a certain size. Our system doesn't fail so readily, but it does cause considerable extra demand on the systems scanning e-mail.

An Explosion in the Sheer Volume

So far in January 2015, we've seen the volume of messages increase by around 6 times at peak times compared to December 2014- that's a huge increase, and not something that is entirely without issues. Few systems are designed to cope with such massive rises and we're aware that more and more customers find themselves without service as servers fail to cope. Even our systems have been pushed at times despite having considerably more resource available than a typical end customer. In fact, we've been investing again and adding additional capacity every week so far in 2015, and have now quadrupled the overall available capacity with more improvements due in February to help ensure we're able to cope with these sudden rushes.

What can be done?

The most important thing to do is ensure you've got good protection - at cloud level using a service such as our own Cloud Anti-Virus and Anti-Spam service to considerably reduce your chance of being hit by an attack. But you'll still need to ensure that you have your own Anti-Virus services - on servers, desktops and so on - because attacks and compromises can come from all kinds of sources.

If you think you'd benefit from better protection, why not speak to our team and see how we can help you deliver more effective protection against the continual rise of the spam machine.

<< Back to the Blog

<<
 

IT Survey & Challenge Quiz!IT Survey & Challenge Quiz!

Are you getting the best out of your IT?

Take the Quiz

Popular VPWSYS Services:

Backup Services - From just £8.00 a month, affordable protection against loss of data
Domain Names - We provide Domain Name services from just £9.37 + VAT
Pre-Paid Support - On the phone and in person, and you're only charged for the time you use.