Story image

Cyber-thieves use 'marketing-like' tactics says Microsoft

13 May 11

Microsoft released its latest Security Intelligence Report today, which it says highlights a "significant increase" in the use of "marketing-like" approaches by cyber-criminals. 

The report found the majority of these type of criminal methods involved the use of malware. Malware is corrupt software often disguised as a marketing campaign or product promotion that looks legitimate but internet thieves can use it to trick users with pay-per click schemes, false advertisements or fake security software for sale (see our story on the first such Mac-targeted threat). 

Among the key findings were:

  • Vulnerabilities in applications, rather than operating systems or browsers, accounted for the majority of exploited vulnerabilities. 

  • Exploitation of Java vulnerabilities increased sharply in the second quarter of 2010 and "surpassed every other exploitation category" tracked. 

  • The number of Adobe Acrobat and Adobe Reader exploits accounted for most of the document-format exploits detected but the number also dropped by more than half during the year. 

  • Microsoft Office exploits accounted for between 0.5 and 2.8 percent of document-format exploits detected. 

  • After the takedown of servers associated with the Win32/Cutwai spambot, there was a "significant drop" in the average daily volume of messages blocked. 

  • Advertisements for nonsexual pharmaceutical products accounted for 32.4 percent of spam messages blocked.

  • The number of malicious phishing sites targeting gaming sites has declined, while the number of phishing sites targeting social networks increased - possibly due to the finding that phishing sites that target social networks "routinely receive the highest number of impressions per active phising site."

The Security Intelligence Report focuses on the period of July to December 2010 and, according to Microsoft, includes analysis of data from more than 600 million systems worldwide.

Dell dominates enterprise storage market, HPE declines
The enterprise storage system market continues to be a goldmine for most vendors with demand relentlessly rising year-on-year.
The key to financial institutions’ path to digital dominance
By 2020, about 1.7 megabytes a second of new information will be created for every human being on the planet.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.
Record revenues from servers selling like hot cakes
The relentless demand for data has resulted in another robust quarter for the global server market with impressive growth.
Opinion: Critical data centre operations is just like F1
Schneider's David Gentry believes critical data centre operations share many parallels to a formula 1 race car team.
MulteFire announces industrial IoT network specification
The specification aims to deliver robust wireless network capabilities for Industrial IoT and enterprises.
Google Cloud, Palo Alto Networks extend partnership
Google Cloud and Palo Alto Networks have extended their partnership to include more security features and customer support for all major public clouds.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill.