South Africa is the most targeted country by e-mail malware, worldwide, with one in 81,1 e-mails being blocked as malicious during February.
This is according to The February edition of Symantec’s 2011 MessageLabs Intelligence Report, which also shows South Africa also remains the most targeted geography by phishing e-mails with one in 32,5 e-mails being blocked as a phishing attack.
Spam accounted for 81% of the country’s e-mail traffic, having increased by 2,7% and now accounting tor one in 1,23 e-mails.
The public sector held its position as the most targeted industry in February with 41,1 e-mails being blocked as malicious.
Most of this email-borne malware are transferred by malicious hyperlinks. Attackers are also beginning to target users with PDF files that conceal malicious content.
Many people still consider PDFs a relatively trusted file type. However PDFs are potentially one of the most dangerous file formats available, as it is significantly easier to generate legitimate and concealed malicious content with PDFs than it is to do so with other file formats.
Since the end of January 2011, MessageLabs Intelligence has identified significant volumes of integrated attacks that make use of well-timed and carefully crafted targeted techniques. As February began, the attacks increased in number and these malware families were aggressively used to conduct simultaneous attacks via propagation techniques, signaling the likelihood of a common origin for these infected e-mails.
MessageLabs Intelligence identified that in February, there were at least 40 variants of malware associated with the Bredolab Trojan, accounting for approximately 10,3% of -email-borne malware blocked in February. Bredolab is a familiar Trojan used to drop other forms of malware onto an infected PC. All of these attacks made use of a ZIP archive attachment that contained an executable (either an EXE or SCR file extension) that comprised the malware code.
In February, 1,5% of malware blocked comprised ZIP archive attachments.
“Since MessageLabs Intelligence began tracking targeted attacks, it appears that the overall percentage of targeted malware in circulation with office-based file formats, such as spreadsheets and documents, has diminished,” says Jason Ellis, vice-president: EMEA channels at Symantec. “This is perhaps a result of the increased popularity of other file formats as they become easier to use. What is more intriguing, however, is that malicious executable files, such as EXEs have also increased in frequency, in addition to the most popular file format, PDFs.”