Email security statistics compiled by SonicWALL, Inc. indicate that spam volumes rose by 44.29% in Q1 2007 from Q4 2006. Overall junk email which includes spam, phishing, viruses, Directory Harvest and similar types of attacks rose 24.46% over the same period. The results were based on aggregated results from the SonicWALL Smartlab and were factored for the 28.9% increase due to new SonicWALL Email Security customer installations during the reporting period.
Directory Harvest Attacks continue to make up the bulk of junk email in the first quarter of 2007 at 57.99%, but this is down from the fourth quarter of 2006 at 63.52%. Good email rose slightly from 5.84% in Q4 to 6.83% in Q1. Phishing attacks continued to rise, but were still less than 1% of overall email in Q1. A spike in phishing attacks occurred in mid-January, mirroring similar patterns from previous years, as consumers were sorting through their holiday bills and phishers attempted to take advantage of the seasonally high level of credit card activity.
SonicWALL continues to observe waves in the quarterly data that reflect familiar signs of the malware economy in action: Directory Harvest attacks to obtain email addresses, virus attacks to enlist zombie machines as part of a botnet, and spam or phishing attacks to cash in. For example, in late January a temporary rise in Directory Harvest attacks of 15% was detected. This was followed in early February by a brief rise in virus emails of 12%. In mid-February there was a rise of 28% in phishing emails, including the highest-volume phishing day of the quarter on February 12th.
“We see no signs that the avalanche of junk email is abating,” said Gleb Budman, senior director of Email Security at SonicWALL. “Junk email was up dramatically in 2006 and has risen 24% just in the first 3 months of this year. IT administrators and users are grappling with a huge productivity issue, where more than nine-tenths of inbound emails are junk.
“It takes an average of 34 seconds to deal with each unwanted email that makes its way into a network,” added Budman. “Spam solutions need constant updating if they are to withstand the barrage of unproductive or dangerous email that’s being generated by the malware economy.”