---------- Forwarded message ---------- From: Microsoft Malaysia <[email protected]> Date: Thu, Apr 22, 2010 at 10:14 AM Subject: Malware, SPAM and Phishing To: [email protected]
If you are unable to view this HTML eDM, please click here<http://click.email.microsoftemail.com/?qs=f808f27e3dd520f29e60a2e9d220a4006165bcc1617b310d09e51fd3d666a414342dcfee1d81d262> [image: Malware, Email Threats and Phishing - Still a Threat and Getting More Sophisticated in Nature!] In this edition of the Microsoft Security Intelligence Report Series – Part 3, we will be looking at malicious and potentially unwanted software. Specifically malware, email threats and phishing attacks. Malicious and Potentially Unwanted Software Infection data from several Microsoft security products demonstrates the highly localised nature of malware and potentially unwanted software. In the United States and United Kingdom, Miscellaneous Trojans account for the largest single category of threat with families such as Win32/Alureon and Win32/Vundo common in both locations. The top threat in France and Italy by a wide margin was the Miscellaneous Trojans family Win32/Wintrim. In China, many of the most prevalent families are Chinese-language threats such as the browser modifier Win32/BaiduSobar or password stealers that target players of online games, including Win32/Lolyda and Win32/Frethog. Brazil is dominated by Portuguese-language password stealers that target online users of Brazilian banks, led by Win32/Bancos. Spain and Korea are both dominated by worms, led by Win32/Taterf which targets players of online games. The prevalence of Taterf in Korea may be due in part to the worm’s propensity to spread easily in Internet cafés and LAN gaming centres. While security software is evolving, so is the sophistication of attacks. Customers therefore need to ensure they build a defence-in-depth approach to security and combine technology to ensure the greatest protection. *Microsoft® Windows® 7 and Windows® Server R2<http://click.email.microsoftemail.com/?qs=f808f27e3dd520f2f22873822ec887b95376eef14528613d179747ad051bc7fe2fab5fc10ef56a65> * together deliver security that extends beyond the desktop. *Malicious And Potentially Unwanted Software - Geographic trends by system "location" setting* Threat categories worldwide and in eight locations around the world, by incidence among all computers cleaned, 1H09 E-mail Threats The vast majority of e-mail messages received via the Internet are unwanted. Not only does this tax the recipients’ inboxes and the resources of e-mail providers, it also creates an environment in which e-mailed malware attacks and phishing attempts can proliferate. Blocking spam, phishing, and other e-mail threats is a top priority for e-mail providers, social networks, and other online communities. Here is a snapshot of some facts on email threats around the world in 1H09: - Forefront Online Protect for Exchange (FOPE) blocked 97.3% of all unwanted messages at the network edge - The dominant form of spam in 1H09 was product advertisements - Most spam was sent through botnets or other automated tools Using technology like *Microsoft® Forefront for Exchange and SharePoint<http://click.email.microsoftemail.com/?qs=f808f27e3dd520f2af29925f920e53e40c97ef7b0584fcafa54433cc9017a1e0b8637d04bdb3b57e> * reduces SPAM entering an organisation’s perimeter and from being circulated further through email and collaboration servers. Phishing Legitimate websites belonging to innocent parties that have been compromised are often used by attackers to host phishing pages or distribute malware. In many cases, just visiting these sites can be dangerous, since attackers often create exploits that can silently download malware to vulnerable computers as soon as the user loads the page. Installing *Security Updates<http://click.email.microsoftemail.com/?qs=f808f27e3dd520f2a00816b67182013d3a99dbbb42cd70955cff23dd9c2d522c5622c5e6bb5106d9> * for the operating system, the browser, and any installed browser add-ons in a timely manner can greatly reduce users’ chances of being victimised. Microsoft maintains a database of known active phishing sites reported by users of Internet Explorer and other Microsoft products and services. When a user attempts to visit a site in the database with *SmartScreen Filter<http://click.email.microsoftemail.com/?qs=f808f27e3dd520f2488d15e128b074ba410b528c8f7d60496ca71e5d6058c89e015c5c4f66cc24be> * in Microsoft® Internet Explorer 8 enabled, Internet Explorer checks the URL against the database. If the site has been reported as a phishing site, Internet Explorer blocks navigation to the site and displays a warning. Microsoft monitors traffic to the reported phishing URLs and uses the information to improve its filtering technology and its efforts to track suspected phishing sites. *Malicious Web Sites - Analysis of phishing sites* Unique attempts at Phishing blocked by smart screen filter in Internet Explorer 8 Phishing impressions tracked each month in 2H08 and 1H09, indexed to January 2009 After remaining mostly consistent throughout 2H08 and through April 2009, the number of impressions suddenly almost quadrupled in May and rose even higher in June. However, the number of actual phishing sites decreased, with analysis showing social networking sites the target of 76% of phishing attacks in 1H09. *Malicious Web Sites - Target institutions* Impressions for each type of phishing site each month in 1H09 To find out more about malware, email threats and phishing, *read the report<http://click.email.microsoftemail.com/?qs=f808f27e3dd520f219ca985ad5b819b6a118eea43cdf8533be3e06dbeebfcdad961c856fc7dc2160> * on our site. And do remember to look out for the final part of our Security Series, Part 4, where we’ll provide some valuable recommendations on how to keep your *computers, data and your enterprise safe*. Unsubscribe<http://click.email.microsoftemail.com/?qs=f808f27e3dd520f24cec7f4d564729154473bd98f7d392bfee674daf87c5a39920c77e5416051b96>| Update your profile<http://click.email.microsoftemail.com/?qs=f808f27e3dd520f24cec7f4d564729154473bd98f7d392bfee674daf87c5a39920c77e5416051b96> © 2010 Microsoft Corporation Terms of Use<http://click.email.microsoftemail.com/?qs=f808f27e3dd520f2b16d5a314abf791d0be0a2bd102e60f2a4162da62efbf4d391875e2d54cb86fd>| Trademarks<http://click.email.microsoftemail.com/?qs=f808f27e3dd520f2f6bf09c1705ff6099723e7b0829330beb5a8c86565f2453968ab5847f6d2f8a8>| Privacy Statement<http://click.email.microsoftemail.com/?qs=f808f27e3dd520f274643788b3164e97dd5199f22319419b050a7cdb99492b643c9c84daaf8bef39> [image: Microsoft] Update Profile<http://click.email.microsoftemail.com/?qs=f808f27e3dd520f237344e7acf647126f973d3d8a9bc5ddb675d3ee14c5557545cb7747ffd014482>
_______________________________________________ Owasp-Malaysia mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-malaysia OWASP Malaysia Wiki http://www.owasp.org/index.php/Malaysia OWASP Malaysia Wiki Facebook http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
