Commtouch Reports Q2 Email Threats: Massive Botnets Spread PDF Spam -- Spam and Malware Combine into Blended Threats

SUNNYVALE, Calif. (BusinessWire EON) July 17, 2007 -- -- Spam with PDF attachments was initiated at the end of the second quarter. During one massive attack, PDF-spam comprised 10-15% of global spam messages during a 24-hour period, increasing overall global spam traffic by 30-40%

-- Spam and viruses have joined forces, using the same botnets to distribute both types of email-borne threats, sometimes even in the same email message

-- Global spam levels remained high; 85-90% of all global email is spam

-- Over 60% of spam-sending bots also send malware

-- Over 300,000 zombies become newly activated each day

-- Image spam in Q2 dropped to less than 15% of all spam, compared to 30% in the first quarter of 2007

-- Most popular spam topics:

-- pharmaceutical 45%

-- stock 18%,

-- sexual enhancers 10%

"The same botnets used to spew spam are being used to send malware-infected email," reported Amir Lev, Commtouch President and CTO. "The email-borne malware sent by botnets can steal password and personal data, harvest email addresses and sometimes even launch a distributed denial of service (DDoS) attack. The fact that the same bots are being used for all types of malicious activities is evidence that the enemies have converged."

PDF spam

Spammers unveiled a new email tactic toward the end of the quarter: PDF spam. This type of spam aims to evade anti-spam filters by disguising itself in a common format: attachments of the familiar Portable Document Format files. This trick helps the junk message pass many anti-spam solutions since it looks like a legitimate email.

"PDF spam is the latest trick the spammers have come up with to evade traditional anti-spam filters," Lev continued. "It took a bit of time, but some anti-spam engines eventually developed solutions to block the image-based spam that plagued inboxes last year. In response, the spammers quickly utilized their zombie infrastructure to progress into sending spam in a different format. This shows once again that technologies that try to fight spam one trick at a time will always lag far behind, leaving them unprepared when the next spam tidal wave hits."

More details, including samples of PDF spam and spam messages containing malware, are available in the Commtouch Q2 2007 Email Threats Trends Report, available from Commtouch Labs at: http://www.commtouch.com/documents/Commtouch_2007_Q2_Email_Threats.pdf

Commtouch Recurrent Pattern Detection Technology Defends Inboxes

Commtouch's Recurrent Pattern Detection (RPD) technology protects against spam and virus attacks in real-time as they are mass-distributed over the Internet. The unique content-agnostic technology detects and blocks spam in any language and is highly effective against image-based and PDF spam. Commtouch's Reputation Service dynamically blocks spam at the network perimeter based on the reputation of the sender.

About Commtouch

Commtouch Software Ltd. (Nasdaq:CTCH) is dedicated to protecting and preserving the integrity of the world's most important communications tool -- email. Commtouch has over 16 years of experience developing messaging software and is a global developer and provider of proprietary anti-spam, Zero-Hour virus protection and Reputation Service solutions. Using core technologies including RPD(TM) (Recurrent Pattern Detection), the Commtouch Detection Center analyzes billions of email messages per month to identify new spam and malware outbreaks within minutes of their introduction into the Internet. Integrated by scores of OEM partners, Commtouch technology protects thousands of organizations, with over 50 million users in over 100 countries. Commtouch is headquartered in Netanya, Israel, and has a subsidiary in Sunnyvale, CA. For more information, see: www.commtouch.com, including the Commtouch online lab detailing spam statistics and charts.