Free Republic
Browse · Search
Topics · Post Article

Skip to comments.

IBM Report: Phishing Attacks in May Jumped More Than 200 Percent; Email Viruses up 33 Percent
Bigcharts marketwatch ^ | THURSDAY, JUNE 30, 2005 9:18 AM | BusinessWire

Posted on 07/06/2005 10:27:00 AM PDT by Ernest_at_the_Beach

ARMONK, NY, Jun 30, 2005 (BUSINESS WIRE) -- Today IBM reported that phishing attacks increased 226 percent, while viruses and worms, such as Sober and Mytob, also continued to spread rapidly through email and web applications, according to its May Global Business Security Index.

IBM security experts attribute the increase in phishing attacks to the rise of zombie botnets being used to pump out massive volumes of the scam emails used in phishing attacks, as cyber-criminals look to increase their profits.

IBM's report also indicates that in May more than 30 percent of emails contained some form of virus -- a 33 percent increase from the previous month. In many instances, the virus traveling via email infiltrated a computer's hard drive and then forwarded itself to the user's entire address book.

In addition, IBM reports that application hacking is how 90 percent of target systems are exploited. Two critical points in web application security are the creation and management of sessions and filtering all data input. These types of compromises from a web application can lead to exposure of banking information, private sensitive data like credit card information, and competitive intelligence information.

Key findings from IBM's May Global Business Security Index include:

-- Phishing explodes: Phishing incidents reached a peak point in January 2005 and then dropped again. In May, phishing attacks exceeded anything previously recorded, increasing by 226 percent.

-- Viruses grew: In May 1 in 32.2 (3.12 percent of all email) emails contained some form of virus or trojan attack, a significant increase over the past month of 33 percent. To combat malwares such as Sober and Mytob, and other variants of these viruses, IBM advises organizations to keep antivirus signatures up-to-date, and to keep current with Windows patches.

-- Spam levels off: In May, 68.7 percent of inbound email traffic contained some form of spam. This figure has remained relatively unchanged over the past three months; During the same period, the proportion of unwanted email originating from known botnets and open proxy sources has dropped by a further 1.7 percent for the second month running.

-- Application hacking exploits: Ninety percent of target systems are exploited because of Web application hacking. Financial applications and online shopping accounts are popular targets. Top Web application vulnerabilities include: invalidated input; cross-site scripting flaws; injection flaws; broken authentication and session management; and improper error handling.

-- Malware scam: a malware hijacking threat was discovered operating from the host name This website attempted to recruit partner websites to host a variety of malicious code to exploit Internet Explorer browsers. A successful exploit would result in numerous trojans, backdoors and spyware installed on the client. IBM has been identifying the hosting ISPs, strongly recommending the malicious Web sites be removed.

-- Educational institutions systems pharmed: In late May, after a long period of calm, IBM security analysts observed active exploitation of a Microsoft Library ASN.1 vulnerability. Correlating the signatures with other security events, IBM was able to determine that several attacking sources belonged to educational institutions, revealing that the attacking sources were compromised hosts, belonging to an Rbot network. IBM quickly notified customers and possibly infected institutions to address any outstanding issues.

"IT systems have become so crucial to today's business operations, work productivity, and customer service, that even a small disruption can have serious impact on business operations, and loss of data integrity or confidentiality can lose a customer base that took years to build," said Cal Slemp, vice president, security and privacy services, IBM Global Services. "Security is now something that companies can no longer afford to be without. IBM's approach offers companies a way to reduce overall business risk while helping them comply with legislations, regulations and build better business intelligence."

The IBM Global Business Security Index Report is a monthly report that assesses, measures and analyzes potential network security threats based on the data and information collected by IBM's 2,700 worldwide information security professionals and half a million monitored devices. For more information, please visit

TOPICS: Business/Economy; Culture/Society; Extended News; News/Current Events; Technical
KEYWORDS: emailviruses; internet

1 posted on 07/06/2005 10:27:01 AM PDT by Ernest_at_the_Beach
[ Post Reply | Private Reply | View Replies]

To: Ernest_at_the_Beach
"Where do you want to go be taken today?"
2 posted on 07/06/2005 10:40:17 AM PDT by Redcloak (We'll raise up our glasses against evil forces singin' "whiskey for my men and beer for my horses!")
[ Post Reply | Private Reply | To 1 | View Replies]

Comment #3 Removed by Moderator

To: F15Eagle
You'll get to visit granny in jail..

attribute the increase in phishing attacks to the rise of zombie botnets


4 posted on 07/06/2005 12:22:47 PM PDT by D-fendr
[ Post Reply | Private Reply | To 3 | View Replies]

To: Ernest_at_the_Beach

Sounds to me like IBMs selling some sort of phishing/spyware/spam protection software to me.

"The world is ending but our product will help make it worse".

5 posted on 07/06/2005 5:38:19 PM PDT by festus (The constitution may be flawed but its a whole lot better than what we have now.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Ernest_at_the_Beach
Schoooools out for summer!

6 posted on 07/06/2005 8:12:24 PM PDT by adam_az (It's the border, stupid!)
[ Post Reply | Private Reply | To 1 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794 is powered by software copyright 2000-2008 John Robinson