Internet security warnings are coming thick and fast at the moment and giant computer security company Symantec is actively tracking a new threat.

It’s a worm with malicious intent and spreads via a socially engineered email attack, and internet security companies have been quick to warn internet users of exactly how malicious it is. If you receive the email and make the mistake of clicking on the link embedded within, you are taken to a webpage hosting a PDF file (which is in fact a disguised, malicious program). When the unsuspecting user clicks on this link, the installation of the threat W32.Imsolk.B@mm begins immediately, and the malicious program is soon at work inside the user’s computer. All of this, without the internet users knowledge.

So what does the program do once installed?

This particular worm is designed to disable many antivirus products, and so can move about undetected. Not only that, but it starts to try and breed itself onto more computers; a copy of the email the affected user was sent is passed on to the contacts in the user’s address book. Just to ensure that it is spread beyond the one computer, the worm also attacks other users through home or office networks, thereby spreading the affects of this nasty worm further.

Symantec, who have taken the lead in warning users of the dangers of this worm, has seen the damage that can be caused. They claim that the email the worm is borne within is sent out in such large numbers that some e-mail servers have been completely crippled by the amount of these messages sent.

How can one deal with this particularly virulent threat?

As always with these kinds of dangers, prevention is considered to be the best cure. Security software companies urge users to buy an extensive and complete internet security package so that computers are kept protected from these sorts of threats. If for whatever reason a piece of malware or malicious program slips through the net, a user’s computer needs to be able to defend itself against the attack and have the right capabilities to disarm and destroy the threat; this is what a complete security package should provide.

Guest Article by Neil Camp

Symantec has just published one of its regular major security software reviews.

Symantec, developers of the Norton antivirus product range, publishes monthly security software reviews under the title of MessageLabs Intelligence Reports. One of the highlights of the report relates to botnets; the report suggests that almost 95% of spam is sent from a botnet, compared to 84% in April this year. More specifically, the report reveals that Rustock has kept its number one spot as the most common spam-sending botnet, responsible for 41% of botnet spam (up from 32% in April this year).

One reason behind Rustock’s increase in spam presence is that it no longer uses TLS encryption to send out spam; this speeds up connections and increases the amount able to be sent by the botnet. The figures for the use of TLS have dropped considerably; in March this encrypted spam was attributed to 30% of spam sent from all different kinds of sources, and 70% of spam sent from Rustock; this has dropped to 0.5% today.

Paul Wood, the MessageLabs Intelligence Senior Analyst, Symantec Hosted Services, explains: “It is likely that because TLS slow connections due to the additional encryption processing required to send a spam email, the botnet controllers realized that this tactic impeded their spam-sending capabilities,” Wood said. “As a result, Rustock’s dominance has never looked better as its spam-per-bot-per-minute rate more than doubled from 96 spam emails to 192.”

The report also highlights global variations in spam; the UK, it claims, is responsible for 4.5% of all the world’s spam, a percentage that has more than doubled since the month of April. Four of the top 10 spam sending countries (the UK, Germany, France and Italy) can now be found in Western Europe, showing a global shift in the sources of the most troublesome and high-volume spamming.

The MessageLabs Intelligence Report was not just focused on spam; it highlighted a number of other changes and developments in internet dangers. For example, viruses. They noted that the ratio of email-borne viruses in people’s day-to-day email traffic from new dangerous sources was down from July by 0.02%, at 327.6 emails in August. Phishing was also covered in the report, which revealed that 1 in 363.1 emails, which was a 0.10 percentage increase since July.

Geographical trends were also discussed extensively in the report; rises in levels in spam in countries such as Hungary, Hong Kong, Japan and China; the percentages of spam in emails in the US, Canada and the UK; and the sudden targeting of Oman with phishing attacks in the month of August. Vertical trends, such as the automotive sector being the most the spammed sector in industry (at 94.8%), and the Education sector being at a spamming level of 92.9%, were also discussed.

With its security software reviews, Symantec hopes to keep the using public in the know as to the various changes in threats and dangers in all sorts of areas, from spam to viruses.

Guest Article by Neil Camp

The latest anti virus review from the Symantec MessageLabs Intelligence unit, produced by the company which develops the Norton Antivirus software, warns that spammers are making greater use of shortened hyperlinks.

The anti virus review shows that over the last 12 months, the percentage of spam which contains shortened hyperlinks has dramatically increased from a one-day peak of 18% on 30 April, 2010, compared to just short of 10% in 2009.

And 18% equates to just over 23 billion emails. Another way to see it is that for some days in 2010, around 5% of all spam messages contained shortened hyperlinks.

Paul Wood, MessageLabs Intelligence Senior Analyst, at Symantec Hosted Services, the team behind Norton Antivirus, said:
“As far as spammers are concerned, any tactics that make it harder to block their spam emails are going to be exploited. When spammers include a shortened URL in spam messages, these shortened hyperlinks contain reputable and legitimate domains, making it harder for traditional anti-spam filters to identify the messages as spam based on the reputation of the domains found in the spam emails.
“While botnets are often the source of short URL spam, 28% of this type of spam originated from sources not linked to a known botnet such as unidentified spam-sending botnets or non-botnet sources such as webmail accounts created using CAPTCHA-breaking tools.”

The anti virus review also stated that spammers shortened hyperlink strategy is working. For every 74,000 spam emails which contained a shortened url link, one website visit was generated. Furthermore, the most often used shortened hyperlink contained within spam got more than 63,000 website visits.

The various Norton Antivirus Software packages are continually updated from information supplied by the Symantec MessageLabs Intelligence unit.

Guest Article by Neil Camp

Via their latest Symantec MessageLabs Intelligence antivirus review, Norton is warning that the risk from web threats has rocketed about 20% over the same time last year. And that analysis revealed the worrying statistic that of the domains which were blocked in 2010 as malicious, nearly 90% of them were legitimate, but had been compromised with malware that had been embedded without the owners being aware there was a problem.

The antivirus review also highlighted a new phishing threat which attacks under the guise of a PDF Reader Update. More than 26,000 attacks using this technique had been stopped and the scam was built around trying to collect victims’ bank and credit card details.

In general, phishing emails accounted for one in every 558 emails, or roughly 0.18%.

In July, the number of email-borne viruses which originated from new and what the industry call previously unknown sources, totaled one in just over 300 emails, or 0.3%, which was down a touch on June.

Endpoint threats – those that attack endpoint devices which include servers, PCs and laptops – continue to be a major hazard; one made worse by the increasing use of removable drives and memory sticks. And one of the most dangerous pieces of malware is reported to be the Sality.AE virus, which spreads as a download from the internet and via removable drives.

The Norton antivirus review also detailed the various vertical trends when it comes to spam and viruses. Amongst other findings, it concluded that the most spammed industry sector in June was engineering. This had the dubious distinction of achieving a spam rate of 92.6%.

Next came the retail sector with 89.9 and ironically, the IT sector scored an unimpressive 89.6% and education on 89.1%. The chemical and pharmaceutical sector weighed in with 89%, followed by 87.4% for finance and 87.3% for the public sector.

The engineering sector continued to cover itself in glory; in July it became the most malware targeted industry with roughly one in 112 emails being blocked as having malicious intent, or containing malicious content. As for the other sectors, the number of malicious emails was one in 227 for education; for finance (1-246); IT (1-377); chemical and pharmaceutical (1-449); and, retail (1-706).

Guest Article by Neil Camp

Norton has notched up another award; this time its OnlineFamily.Norton, a free online safety service, which has walked off with the iParenting Media Award in the Best Software category.

Norton is the brand name of Symantec, the US NASDAQ quoted group, and is one of the main players in the computer security industry.

OnlineFamily.Norton is all about creating a service, based on the internet, that hands parents the power to connect with their children’s online experiences. The idea is to understand what the kids are seeing, learning and actually doing whilst online. And this process is known as ‘The Talk’ – the communication between parent and child to help keep the latter safe on the internet.

Created in 1996, iParenting.com is a parents and parents-to-be online community website. It is part of the Disney empire and sits alongside such other sites as FamilyFun.com, Kaboose and DisneyFamily.com. Indeed, it is part of a 40 website network which grew from one single website, www.PregancyToday.com.

And iParenting Media is the team behind the iParenting Media Awards Programme which is certified as a product review system.

Marian Merritt, Norton Internet Safety Advocate, said:
“We are extremely pleased that iParenting Media has recognized OnlineFamily.Norton as the best solution to protect kids online. Unlike existing parental controls software, which focus primarily on blocking objectionable sites and applications, OnlineFamily.Norton helps protect kids online by fostering a dialogue between parents and kids about their online lives.”

An iParenting spokesperson said:
“Unlike many parental control products, OnlineFamily.Norton aims to create dialog between parents and kids, not assert draconian control.”

Symantec is behind the Norton Antivirus series of products which protect computer users from cybercrime in all its manifestations, including viruses, spyware and phishing. It develops software programmes to combat such nasties, whilst trying not to absorb too much computer power to run them in the background.

Guest Article by Neil Camp