In July 2006, McAfee released protection for the 200,000th threat in its database. It expects the 300,000th threat to be identified by the end of 2007.
Marshal's Threat Research and Content Engineering (TRACE) team says that phishing emails increased from 0.4 percent of total spam in November 24 to 2.2 percent on December 1. "This signifies the highest level of phishing emails since July 2006," according to TRACE, and a tripling of the average phishing email rates over the last six months.
China is now the number one generator of phishing emails in the world, jumping from 10th position last week. "Like spam levels, which have almost doubled in the past month, the current spike in phishing emails is in part being driven by the Christmas season," said Bradley Anstis, director of product management for Marshal. "Scammers and spammers are ramping up their efforts because they are aware that there a more consumers shopping online, looking for gift ideas and receiving e-cards. There are more people who are likely to open the messages."
According to Marshall, spammers are no longer using one spam variation repeatedly until it no longer gets through. They are constantly varying their spam techniques such as with "Ransom Note Spam", using animated GIFs and extreme use of image randomisation. Spammers will often use a technique once before moving on to another method," said Anstis.
Increasing sophistication was also a theme running through McAfee's predictions for 2007. "Today, McAfee researchers are seeing evidence of the rise of professional and organised crime in malware creation, whereby development teams are creating malicious software, testing it and automating its production and release. Sophisticated techniques such as polymorphism, the recurrence of parasitic infectors, root kits, and automated systems with cycling encryption releasing new builds are becoming more prevalent. Furthermore, threats are being packed or encrypted to disguise their malicious purpose on a more rapid and complex scale," McAfee said.
- The number of password-stealing Web sites will increase using fake sign-in pages for popular online services such as eBay;
- The volume of spam, particularly bandwidth-eating image spam, will continue to increase;
- The popularity of video sharing on the Web makes it inevitable that hackers will target MPEG files as a means to distribute malicious code;
- Mobile phone attacks will become more prevalent as mobile devices become "smarter" and more connected;
- Adware will go mainstream following the increase in commercial Potentially Unwanted Programs (PUPs);
- Identity theft and data loss will continue to be a public issue - at the root of these crimes is often computer theft, loss of back-ups and compromised information systems;
- The use of bots, computer programs that perform automated tasks, will increase as a tool favoured by hackers;
- Parasitic malware, or viruses that modify existing files on a disk, will make a comeback
- The number of root kits on 32-bit platforms will increase, but protection and remediation capabilities will increase as well;
- Vulnerabilities will continue to cause concern fuelled by the underground market for vulnerabilities.
Regardless of how effective counter-measures against spam are: unless it can be stopped at source, it seems likely to seriously impact the Internet, and all users merely as a result of its volume. In November 2006, image spam accounted for up to 40 percent of the total spam received, compared to less than ten percent a year ago, McAfee reports. "Image spam is typically three times the size of text based spam, so this represents a significant increase in the bandwidth used by spam messages."
In addition to the rise in threat volumes, Microsoft is discovering vulnerabilities in its products at and increasing rate and McAfee expects this increase to continue in 2007.
"Thus far in 2006, Microsoft has announced 140 vulnerabilities through its monthly patch program," McAfee says. "This year to date, Microsoft has already patched more critical vulnerabilities than in 2004 and 2005 combined. By September 2006, the combined 2004 and 2005 total of 62 critical vulnerabilities had already been surpassed."
McAfee Avert Labs has also noted a trend in zero-day attacks following Microsoft's monthly patch cycle. "Since the patches are issued only once per month, this encourages exploit writers to release zero-day Microsoft exploits soon after a month's Patch Tuesday to maximise the vulnerability's window of exposure."
Full details of McAfee's threat predictions for 2007 can be found here.