Intelligence: Q3 2015 Security Threat Report

In its Q3 2015 Security Threat Report Cloudmark reveals that SoftLayer Technologies – a Dallas-based hosting and cloud computing company that is owned wholly by IBM – generated the largest amount of spam detected by Cloudmark’s Global Threat Network. A whopping 42% of all outbound e-mail from SoftLayer in Q3 was spam, up seven times from the prior year. 

The bulk of the spam seems to be direct phishing e-mails, as well as e-mails with Trojans attached, sent to Brazil with the likely goal of getting access to victims’ credentials on the Boleto bank payment system. These tactics are aided by the lack of anti-spam laws in Brazil, and the spam from SoftLayer appears to be more malicious than much of the spam that takes advantage of the absence of such laws. Cloudmark suggests that not only does SoftLayer need to improve its customer screening, but IBM should also utilize its famed legal department to work with law enforcement in Brazil to identify and prosecute these criminals.

In its country report, Cloudmark takes a look at Australia, noting that, like many developed countries, Australia receives more spam than it sends. The spam that does originate from Australia is sent predominantly to Brazil (owing at least in part to the lack of anti-spam laws previously mentioned), the US, and within Australia itself.

Australia’s internal spam is predominantly graymail, in which marketers attempt to trick people into subscribing to mailings, or utilize the fine print for one subscription to justify sending unrelated mail. Spam traffic from Australia to the US is mostly bootleg pharmaceuticals, diet pills, adult services, and phishing produced by botnet spam. The US sends the most spam to Australia, but the most malicious spam – from botnets to snowshoe spammers – comes from other parts of the world. 

Finally, Cloudmark takes a look at phishing. This is an e-mail scam where attackers pretend to be a legitimate company, friend, or colleague. They then trick the recipient into doing something unsafe – from installing malware, to opening a malicious attachment, or clicking a link that takes them to a malicious web site. Or, they may try to convince them to enter personal data – anything from credit card details, to login credentials for bank accounts, email accounts, or other company resources. Alternatively, they may attempt to trick an employee into replying to what appears to be an internal email, after which they claim that the employee’s CEO has requested that money be wired urgently.

Because of a combination of easy targeting, social engineering, and high-tech deceit, phishing can have a success rate greater than 1 in 10, and as such it represents a growing threat.

Download the full report:
