[IS&T Security-FYI] SFYI Newsletter, April 26, 2010

Monique Yeaton myeaton at MIT.EDU
Mon Apr 26 13:09:26 EDT 2010 

In this issue:

1. DHS Secretary Visits MIT
2. Highlights from Q1 Report on Internet Threat Trends
3. Google's Gmail Most Abused Email Address?


-----------------------------------
1. DHS Secretary Visits MIT
-----------------------------------

On April 16th, the US Department of Homeland Security (DHS) Secretary  
Janet Napolitano attended a roundtable discussion with university  
leaders hosted by MIT President Susan Hockfield. The meeting focussed  
on ways DHS can engage talents of instructors and students,  
particularly in the fields of cyber security and science and  
technology research.

This story is covered here:
<http://web.mit.edu/newsoffice/2010/napolitano-mit-0416.html>
<http://boston.bizjournals.com/boston/stories/2010/04/12/daily59.html>

Earlier this year the DHS Secretary announced the federal government  
is stepping up its efforts to protect the US against increasingly  
sophisticated cyber attacks. The goal is to protect cyber space,  
making it safe and secure by encouraging cyber security knowledge and  
innovation.

Read this story on VentureBeat.com: <http://bit.ly/c4ndh3>


----------------------------------------------------------------------
2. Highlights from Q1 Report on Internet Threat Trends
----------------------------------------------------------------------

The quarterly report from CommTouch analyzes spam and phishing trends.  
Some highlights from the 1st Quarter report:

183 billion spam/phishing emails are sent daily on average worldwide  
(based on spam being assessed at 83% of 220 billion emails sent  
worldwide each day)
81% of spam are pharmacy ads, maintaining last quarter's average (5 to  
10% of spam comes from gmail.com accounts - see details in the next  
story below)
The category of websites most likely to host malware are pornography  
sites
An average of 305,000 new zombies are activated daily to inflict  
malicious activity (like sending malware and spam). This number is  
slightly lower than the 312,000 from the previous quarter.

You can download a copy of the report from the CommTouch website (http://www.commtouch.com/ 
).


------------------------------------------------------------
3. Google's Gmail Most Abused Email Address?
------------------------------------------------------------

Google is investigating the many Gmail accounts being hijacked and  
used to send pharmaceutical spam. The problem has recently escalated,  
with hackers breaking into legitimate Gmail accounts and then using  
them to send spam messages.

Full story here:
<http://www.computerworld.com/s/article/9175857/Drug_dealing_spammers_hit_Gmail_accounts 
 >

However, this investigation does not take into account all the faked  
email addresses being used to send spam. If the CommTouch report from  
the previous article is accurate, most of the spam is NOT coming from  
Gmail at all, but is only pretending to come from Gmail accounts.

According to that Q1 Report, CommTouch monitored the domains that are  
used by spammers in the "from" field of those emails. They are  
typically faked in order to fool anti-spam systems and spam  
recipients. The domain most faked is gmail.com, Google's email domain.  
The Q1 report analyzed how much spam actually comes from gmail.com.

The results were surprising. Of the emails with the "from" address  
showing a gmail.com address:

59% of email came from a genuine gmail.com account
41% of email came from faked gmail.com accounts
42% of emails were classified as spam
1% of spam emails were sent by a genuine gmail.com account

In other words, of the spam sent, only 1% came from a genuine  
gmail.com account. The rest (99%) were from forged gmail.com accounts.  
Of the 1%, there could be emails included that were compromised by  
hackers.

= 
= 
= 
========================================================================

Find current and older issues of Security FYI Newsletter: <http://kb.mit.edu/confluence/x/ehBB 
 >


Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security






-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20100426/d79e27cc/attachment.htm

More information about the ist-security-fyi mailing list