July 7, 2008
Verizon, Telecom Italia, and Brasil Telecom Top the Zombie Charts in Commtouch Second Quarter Trend Report
Commtouch(R) (Nasdaq:CTCH) today released its second quarter 2008 Email Threats Trend Report, based on the automated analysis of billions of email messages weekly. The report examines recent trends in email threats, especially the role of millions of dynamic zombie computers actively sending spam and malware every day.
Highlights of the report include:
-- Top domains with the most infected machines (aka zombies) based on Commtouch Labs research include: Telecom Italia, Brasil Telecom, and Verizon
-- Spam levels throughout the second quarter averaged 77%, ranging from a low of 64% to a peak of 94% of all email towards the end of the quarter
-- 10 million zombie IP addresses are active each day, on average
-- United States drops to 9th place in number of zombies globally. Turkey is #1 with 11% of all zombies
-- Pharmaceutical spam is the most popular topic, comprising 40% of all spam
-- Phishing scams took advantage of higher education community, as well as Google adwords users
-- Spammers experimented with vertical display in Chinese-language spam
"Zombie networks or 'botnets' have become so enormous and agile, they are flooding email with increasingly malicious threats," said Amir Lev, Commtouch's chief technology officer and president. "Many technologies attempt to identify and block email from senders known for sending malicious content, but they are not updated rapidly enough to keep up. By the time these lists are updated the threat has shifted to another set of zombies, leaving customers unprotected. On the one hand, ISPs have an obligation to protect their customers from unwanted email; however, they also have a responsibility to ensure that their customers are not a source of unwanted email by being part of these botnets."
Commtouch Recurrent Pattern Detection(TM) technology identifies and blocks email threats, including increasingly malicious malware and phishing outbreaks. Dynamic detection of zombie IPs provides effective protection against zombies, without causing high false positives.
More details, including samples of spam and malware messages, are available in the Commtouch Q2 2008 Email Threats Trend Report, available from Commtouch Labs at: http://www.commtouch.com/documents/Commtouch_Q208_Email_Trends.pdf.
For daily updates about top zombie domains, or "hot spots," see http://www.commtouch.com/Site/Resources/ZombieMonitor.asp#bottom.
NOTE: Reported global spam levels are based on Internet email traffic as measured from unfiltered data streams, not including internal corporate traffic. Therefore global spam levels will differ from the quantities reaching end user inboxes, due to several possible layers of filtering at the ISP level.
Commtouch Software Ltd. (NASDAQ:CTCH) is the source of proven messaging and web security technology for scores of security companies and service providers, founded on a unique datacenter-based approach. Commtouch's expertise in building efficient, massive-scale security services has resulted in its patented technology being used to mitigate Internet threats for thousands of organizations and hundreds and millions of users in over 100 countries. Commtouch's Data Centers automatically analyze billions of transactions in real-time to identify new spam, malware and zombie outbreaks as they are initiated. Commtouch's unmatched suite of security offerings - anti-spam, virus detection, reputation and zombie intelligence services - work together in a comprehensive feedback loop. Commtouch was founded in 1991, is headquartered in Netanya, Israel, and has a subsidiary in Sunnyvale, Calif. For more information and real-time statistics and trends, see: http://www.commtouch.com and the Commtouch Cafe blog at: http://blog.commtouch.com/cafe.
Recurrent Pattern Detection, RPD, Zero-Hour and GlobalView are trademarks, and Commtouch is a registered trademark, of Commtouch Software Ltd. U.S. Patent No. 6,330,590 is owned by Commtouch.