Wednesday, 8 April 2009
By Darren Waters
Technology editor, BBC News website
More than 97% of all e-mails sent over the net are unwanted, according to a Microsoft security report.
The e-mails are dominated by spam adverts for drugs, and general product pitches and often have malicious attachments.
The report found that the global ratio of infected machines was 8.6 for every 1,000 uninfected machines.
It also found that Office document attachments and PDF files were increasingly being targeted by hackers.
Microsoft said people should not panic about the high levels of unwanted e-mail.
Cliff Evans, head of security and privacy for Microsoft in the UK, told BBC News: "The good news is that the majority of that never hits your inbox although some will get through."
Ed Gibson, chief cyber security advisor at Microsoft, said the rise in spam was due to traditional organised crime figures moving away from exploiting software vulnerabilities and "targeting the weak link that is you and me".
"With higher capacity broadband and better OS (operating systems), and higher power computers it is easier now to send out billions of spams. Three or four years ago the capacity wasn't there."
See which countries are most infected
Paul Wood, senior analyst at e-mail security firm Message Labs, said he was surprised the Microsoft figure for unwanted e-mail was so high.
"Our own analysis shows that around 81% of e-mail traffic we were processing was identified as spam and unwanted," he said.
MessageLabs said spam rates had fallen at the end of 2008 as an ISP which had been hijacked to send out spam mails to users had been taken offline.
"As a result of that, a number of developers in botnet technology at the end of last year were trying to regain botnet control and increase capacity and return to previous spam levels.
"It won't be far off before we see return to those levels."
The report, which looked at online activity during the second half of 2008, also pinpoints the countries that are suffering from the most infections of malicious software, or malware.
Russia and Brazil top the global chart of infections, followed by Turkey and Serbia and Montenegro.
It said that the type of malware varied from country to country.
"As the malware ecosystem becomes more reliant on social engineering, threats worldwide have become more dependent on language and cultural factors," it reported.
In China, several malicious web browser modifiers are common, while in Brazil, malware that targets users of online banks is more widespread.
In Korea, viruses such as Win32/Virut and Win32/Parite are common.
The global average for infected machines is 8.6 for every 1,000 uninfected PCs.
The UK's infection rate is 5.7, according to the Microsoft report.
The report highlighted the need to keep operating systems, web browsers and applications up to date with the latest versions.
Increasingly, hackers are using common file formats, such as Microsoft Office documents and Adobe's PDF format as the carrier of malicious exploits or programs.
More than 91% of attacks exploiting vulnerabilities in Microsoft Office were using security holes that had been plugged by updates that had been available for more than two years.
Attacks using PDF files rose sharply in the second half of 2008, the report noted.
The vulnerabilities all of the attacks exploited had already been fixed by Adobe, and were not present in the most recent versions of the software.
Mr Gibson told BBC News people had to be aware that if they did not update their applications, such as Office and Adobe, they were not just putting themselves at risk, but others on the internet also.
"If you don't update your software you are not just a hazard to yourself, you are hazard to others because you can be part of a botnet [if your computer is hijacked]."
Mr Evans said Microsoft was very happy with the approach consumers were taking to updating applications via automatic updates.
"For consumers it is happening but for business less so. We have encourage businesses to make more use of automatic updates."
Mr Wood said malicious hackers were exploiting Office document attachments and PDF files in order to make more targeted attacks.
"They tend to be used in selective attacks to named individuals in organisations.
"A lot of social engineering will be used to appear legitimate and convince a user to open the attachment
"Once opened, a vulnerability in the application used to open the document will be exploited and often a tiny piece of code will execute and then download a larger file from a rogue website.
"This program will then attempt to search the computer for a particular document or file and sent it to a remote PC."
The report also highlighted the rise in the use of so-called scareware, fake security programs which falsely tell people they need to install software which does nothing other than attempt to steal personal details from a users' PC.
"It's criminals playing on people's fears," said Mr Evans.
"The advice remains the same - ensuring you have up to date software, whether that's your applications, your browser or your OS."