Malware Delivery Techniques Focus on HTML Attachments

Pete Prestipino
by Pete Prestipino 22 Oct, 2010
Malware Delivery Techniques Focus on HTML Attachments

Use of malicious HTML email attachments increased significantly in the third quarter according to Internet security technology vendor CommTouch.  In its Q3 2010 Internet Threats Trend Report (PDF), CommTouch examined the methodology within blended attacks, such as the "Here You Have" worm, which spread widely in September using Outlook contact lists from infected PCs. Both "Here You Have" and numerous fake LinkedIn invitations relied on a combination of social engineering and masked hyperlinks to lead users to websites with malware scripts. 

"The increased use of HTML attachments shows how prominent the multi-stage attack vector has become," said Asaf Greiner, Commtouch vice president, products. "The blended nature of malicious activity further highlights the need for an integrated security offering that can block spam and malware emails, prevent users from visiting malicious Web sites and delete malware files and scripts."  

Other highlights from the Q3 Trend Report include:

  • Spam levels averaged 88% of all email traffic throughout the quarter, peaking at over 95% in mid-September with 198 billion spam/phishing messages per day. By comparison, Q2 spam levels averaged 80% of all email, with 179 billion spam/phishing messages per day.
  • Approximately 339,000 zombies were activated daily, almost 30,000 more per day than in the previous quarter.
  • The most popular spam topic this quarter was pharmacy (59% of all spam).
  • For the third quarter running, pornography/sexually explicit material is the website category most likely to include malware.
  • India keeps its title for the second quarter in a row as the country with the most zombies - 14% of all zombies worldwide.
  • Streaming media/downloads continues to be the most popular topic for blog creators in the Web 2.0 sphere of user-generated content.
Pete Prestipino
Pete Prestipino
Digital marketing executive with proven experience in all aspects of search engine optimization (SEO), performance-based advertising, consumer-generated/social media, email marketing, lead generation, Web design, usability, and analytics. - 20-year Internet marketing veteran, currently serving as the Digital Marketing Campaign Manager at Antenna Group (formerly Chicago Digital). - Former Editor-In-Chief of Website Magazine, and a regular speaker on Web technology digital marketing strategy - Author of several books on digital marketing Including Web 360: The Fundamentals of Web Success; Affiliate 360: The Fundamentals of Performance Marketing; Domains 360: The Fundamentals of Buying & Selling Domain Names, and SEO 360: The Fundamentals of Search Engine Optimization.