Spam continues to dip but malware marches merrily on
Spam reached its lowest level in years last quarter, but malware surpassed security firm's estimates for the year, says McAfee.
Spam may be down, but cybercriminals are keeping busy launching more sophisticated attacks (PDF), according to McAfee's latest Threats Report.
Looking at 2011's final quarter, McAfee found that spam hit its lowest level in years, especially across popular targets such as the U.K., Brazil, Argentina, and South Korea. But the U.S. and Germany saw their rates inch up slightly.
And though spam levels have declined overall, junk mail is still a clear danger because of the increase in spearphishing, or more targeted attacks. In years past, spammers sent their payloads to a slew of random addresses, hoping to ensnare at least a small percentage of users. But now address lists are more accurate, says McAfee.
Botnets, or computers tricked into running malicious software, surged in growth in November and December following a drop since August. A few countries saw a decline in botnet activity, but most experienced a significant jump.
The number of malicious Web sites discovered rose in the fourth quarter to 9,300 per day from 6,500 in the third quarter. On average, one in every 400 URLs tracked were found to be malicious, though that figure reached one in every 200 at its peak. Most malicious sites were in the U.S., with North America home to the largest percentage of servers with malicious content at more than 73 percent.
Malware in general actually dipped throughout last year's fourth quarter and is much lower than it was in the year-ago quarter. However, the number of unique malware samples recorded by McAfee surpassed 75 million last year, much higher than the security firm had expected. Mobile malware accounted for a larger portion of the total, with malware writers increasingly targeting Android users.
"The threat landscape continued to evolve in 2011, and we saw a significant shift in motivation for cyber attacks," Vincent Weafer, McAfee Labs senior vice president, said in a statement. "Increasingly, we've seen that no organization, platform or device is immune to the increasingly sophisticated and targeted threats. On a global basis, we are conducting more of our personal and business transactions through mobile devices, and this is creating new security risks and challenges in how we safeguard our commercial and personal data."