Symantec says spam levels down, but Kaspersky says levels are up

Interestingly, however, the Russian IT security vendor says that spam levels accounted for an average of 80.8% – which is in line with Symantec's analysis of volume.

The most significant changes, says the report, took place in the ratings of web services attacked the most with the use of phishing emails.

4.67% of all phishing emails were intended to steal passwords for the popular free online game RuneScape. As a result, this platform made its debut in the top-ten – straight in at No. 3 – way ahead of World of Warcraft, which Kaspersky notes is the most popular online game in the world.

RuneScape, says the report, is also of interest to cybercriminals, as it has access to user details of the popular social networking site, Facebook.

Another interesting trend, Infosecurity notes, is a modest rise in the volume of malware in email traffic, which Kaspersky logged at 4.1% during May – an increase of 0.45 percentage points on April.

The analysis notes that the two countries that have led this rating over recent months once again switched places. Russia retook the top spot with the number of blocked emails containing malicious attachments increasing by over 4 percentage points compared to April.

Also during May, India and Vietnam's share in this rating grew. Vietnam with over 8% of all blocked emails containing malicious attachments claimed third place, pushing the UK down to fourth place.

India (5.21%) came fifth, leap-frogging Italy and Germany, who occupied 6th and 7th places, respectively.

Kaspersky's analysis – especially when viewed against the backdrop of Symantec's – is interesting, but Infosecurity was fortunate enough to get the view of Paul Davis, European Director at FireEye, who thinks that, although spam is a problem, the real, and increasing, threat is spear phishing.

According to Davis, with a name, title and a few personal details about travel or business activities, a criminal can craft an email any user will click on.

"Existing email control points like anti-spam and gateway anti-virus are being bypassed by advanced malware, zero-day and targeted APT attacks that evade signature – and reputation-based defences", he said.

"To detect spear phishing and other targeted attacks you need to dynamically analyse both content and links in email and block blended threats across the web and email", he added.

What’s hot on Infosecurity Magazine?