An increase in spam containing malware links has Symantec urging its channel partners to stay current with the latest security trends, in order to keep customers’ IT security systems up to date.
The danger of malware linked spam is highlighted in the company’s latest internet security report.
According to Symantec's October Spam Report, the amount of malware detected in scanned email messages increased worldwide from a tenth of a percent (0.1 percent) in June to 1.2 percent in September.
Symantec systems engineer Rogan Mallon says spam containing malware attachments has traditionally been rare, as this delivery method was not overly successful.
“The reason it hasn’t been very successful is companies are very diligent at blocking certain attachment types and they have a good antivirus scanner at the gateway. If they have good antivirus but poor antispam [software], it could get caught by technology other than the security software.”
Mallon adds that specially encrypted zip files can bypass some security scanners and the message gets delivered, albeit with a warning.
“The default setting on most of our software is that a warning will come up, saying the attachment hasn’t been scanned because it doesn’t know the password. The reason is that even if we knew the password, breaking the encryption wouldn’t be ethical.”
Mallon adds that partners should keep abreast of what’s happening with spam as it is always changing. Examples in the report include spam disguised as US election and housing foreclosure information.
“Each spam report just reinforces some tactics that spammers have used for a long time. It’s all around social engineering. You just have to make something enticing enough for people to follow the link.”