Calm down fellas, bad spam not surging after all says Symantec

News by Dan Raywood

Symantec plays down rivals' reports of a huge peak in spam earlier this month.

Symantec plays down rivals' reports of a huge peak in spam earlier this month.

According to the August 2011 Symantec Intelligence Report, during the month the global ratio of spam in email traffic declined to 75.9 per cent (one in 1.32 emails was marked as spam). This was a decrease of 1.9 percentage points when compared with July 2011.

Recent reports by M86 Security and Commtouch said that there had been a huge spike in the level of malicious spam seen, with Commtouch noting a spike of 500 per cent in the level of malware in spam messages.

Commenting on the level of spam it had seen, Symantec said it had seen a steadily declining level. Paul Wood, senior intelligence analyst at, said that while there is some fluctuation, as its intelligence calculates an average rate for the period, the overall level is down slightly.

He said: “A couple of percentage points here or there is largely irrelevant to be honest, only big changes are significant and there were a couple of bigger spam runs that can be seen as spikes on the chart.

“Depending on when those companies take their measurements, it could show that these surges take the spam rate higher than it would otherwise be. Also, with average volumes circa 40-50 billion per day, an increase or decrease in spam is going to represent a higher rate of change than this time last year when spam volumes would have to change by a much greater number in order to change by even one or two percentage points. This is just because the volume was greater then (circa 150-200 billion per day).”

Symantec did detect a minor increase (0.14 percentage points since July 2011) in email-borne threats, while the number of web-based malware threats decreased since July.

Further analysis by Symantec also found that while global spam levels were lower in August compared with the previous month, phishing activity increased. There were many new boot time malware (MBR) threats in the first seven months of 2011 as there were in the previous three years.

An MBR is an area of the hard disk (usually the first sector) used by a computer to perform start-up operations.

“MBR infections offer great scope for deep infection and control of computers, which makes the idea attractive to malware creators. Contemporary MBR infection methods are a fairly complex affair usually executed by highly skilled individuals,” Wood said.


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews