Global spam volumes drop, hackers tire of Windows, Cisco says

Despite this good news on spam worldwide, 2010 saw an increase in spam in developed economies where broadband connections are spreading, including France, Germany and the UK. In the UK, spam volumes almost doubled from 2009 to 2010, according to the report.

At the same time, Brazil, China, and Turkey showed significantly lower volumes in 2010. In particular, Turkey's spam volumes dropped 87% due in part to the takedowns of the Waledac and Pushdo/Cutwail botnets.

“The most notable thing about the botnet takedowns is that this was not an effort by a single company, organization, or individual, but rather a group of companies and agencies that worked cooperatively. If we can continue this momentum, we will see the continued disruption in the revenues for these spammers”, Mary Landesman, Cisco senior security threat researcher, told Infosecurity.

On the good news front, Windows-based PC platform and application vendors have shored up security in their products and taken a more aggressive approach to patching vulnerabilities. As a result, scammers are finding it harder to exploit the Windows platform and are looking elsewhere to make money. The bad news is that they are having greater success attacking vulnerabilities in other operating systems.

The report also finds cybercriminals are investing heavily in "money muling" and that users continue to fall prey to myriad forms of trust exploitation. As the underground cybereconomy expands and criminals gain access to more financial credentials, there is a growing need for money mules to help scammers launder money. Money muling operations are becoming more elaborate and international in scope, and Cisco anticipates they will be a major focus of cybercriminal investment in 2011.

Landesman noted that cybercrime often involves the exploitation of trust among internet users. “It is more insidious when you have malware delivered that appears to be from somebody that you know”, she said.

The report lists seven "deadly weaknesses" that cybercriminals exploit through social engineering scams – in the form of e-mails, social networking chats or phone calls. The seven weaknesses are sex appeal, greed, vanity, trust, sloth, compassion, and urgency.

“When hackers are able to exploit trust relationships among users, they will then exploit vulnerabilities in the software”, Landesman said. Vulnerabilities in Java were the most exploited in 2010, three and half times the exploitation rate of other software, she added.

Landesman warned that the Stuxnet worm will be a growing threat in the coming years. “Stuxnet is particularly insidious because it was deliberately programmed for sabotage and disruption…Stuxnet signals a new evolution in malware where it is used as a political or military tool for manipulating economies or creating industrial disruption. That is very concerning.”

What’s hot on Infosecurity Magazine?