Many computer users still do not have adequate protection against malware threats, according to the latest threat analysis reports for June 2007.
"It is worrying to see the same threats reported month in, month out," said Viorel Canja, head of BitDefender Labs.
"It appears that many users still do not have adequate antivirus protection. A virus is extremely difficult to eradicate from the wild if it can keep finding new hosts."
The peer-to-peer Puce.G worm claimed pole position once again in June, according to the June Top 10 malware report from BitDefender, followed by a new version of Rjump which displaced the older 'B' version in May.
While Fortinet agreed that the top 10 threats remain fairly consistent, the security firm identified a different trend in the corporate sector as the impact of mass mailers diminishes.
Fortinet attributed the drop in email worms to an increase in corporate awareness coupled with better education. Companies have also increased spending on threat mitigation solutions to protect their investments.
SoftScan reported that general spam levels reached 90.06 percent of all email scanned by the company during June.
"Changes in spam levels normally signal a change in tactics or, more likely in this case, a drop in customers buying spam lists," said Diego d'Ambra, chief technology officer at SoftScan.
"I do not believe that this signifies a change for the better since the overall trend is so high. Like any other business, spam shops also suffer poor trading days."
MessageLabs reported that overall threat levels remained relatively stable compared to previous months.
But the company warned that data theft from popular social networking sites such as MySpace and Linked In continued to remain prolific targets for fraudsters.
Image spam continues to remain a threat but has evolved as a reaction to recent clampdowns by the US Security and Exchange Commission (SEC) into so-called 'Penny Stock' spamming and as another means of infiltrating victims' computers.
"The beauty of [stock-based] scams is that until now these small over-the-counter stock companies listed separately from mainstream Nasdaq listings provided an environment free from regulatory scrutiny for fraudsters to pump out 'penny stock' scams far from the regulator's gaze," said Mark Sunner, chief security analyst at MessageLabs.
"Now the SEC is trying to prosecute the culprits, they are changing their tactics by creating PDF attachments that mimic real market reports or collateral to entice recipients into their scam."
MessageLabs also uncovered two new techniques over the most recent quarter. The first is a highly targeted Trojan attack aimed at senior executives and their relatives or dependents.
The Trojan is designed to compromise the family computer by depositing malware and indirectly gaining access to sensitive information or intellectual property for malicious purposes.
The second has been dubbed 'The Hotel 419' and is aimed at the accommodation, catering and hotel sectors in the US.
Typically the scam involves a large-scale room booking using stolen credentials which is subsequently cancelled before the money clears, forcing the hotel to reimburse the scammer with real money.
Home PCs still wide open
By Staff Writers on Jul 4, 2007 3:13PM