Official Blog
Built in the cloud. Engineered for your enterprise.
1 Billion Messages Not Served
Thursday, December 13, 2007
Posted by Adam Swidler, Product Marketing Manager, Postini
Postini is a recent addition to Google that offers solutions that help enterprises make their existing email infrastructure more secure, compliant and productive. We process email for more than 35,000 businesses and 12 million end users, and block about 1 billion messages per day, which is a good sample size to report on global spam trends for businesses. In 2007, Postini data centers recorded the highest levels of spam and virus attacks in history. Much of this was fueled by an increase in the number of botnet computers being used to send spam. Botnets are networks of infected PCs, usually with broadband Internet connections that are co-opted by hackers and used to send spam and virus attacks. Often they are compromised without their owner's knowledge. We started to see these botnets kick in back in September of 2006. Since that time, spam volumes are up more than 163 percent. We saw a peak of activity in October 2007 where volume was a 263 percent increase from September 2006 and Postini blocked 47 billion spam messages, more than 320 Terabytes of spam (now that's a lot of spam). The average unprotected e-mail user would have received 32,000 spam messages in their in-boxes so far this year. Talk about lost productivity. In fact,
Nucleus research
estimates unchecked spam can cost a company up to $742 per user.
But what's really different this year is the innovation with which spammers attempted to evade detection by spam filters. In the early part of 2007, image spam was used heavily, with the spam content (such as "pharmaceuticals for sale," "hot stocks," etc) contained in an image attached to the message. Over the course of the year image spam declined and was replaced by PDF spam, document and spreadsheet spam and even multimedia spam. That's right - an audio file promoting a particular stock. We saw examples of compressed and password protected emails as well. All this effort to deliver spam content in email attachments had a significant impact on the size of spam overall. Taking 7.5 Kb as an average spam message size, an organization with 100 employees (that didn't use a hosted solution to block spam outside the firewall) would have wasted 22Gb of storage and bandwidth. Who wants that sitting on their servers?
The chart below shows the trend of the volume of spam rising throughout the year (blue line) and the peaks in the size of spam (orange line):
In Europe, spam volume was also up in 2007 and the percentage of email that is spam increased from 70% to 90% as shown below:
Virus attacks in 2007 were also at record levels and showed similar techniques to what we observed for spam email. In January 2007, the high profile "Storm" botnet got its start with an email that was spammed out with an executable file attached. In April and May, we saw virus emails with password protected executables attached and the password contained in the body of the email. In the late summer, we saw a huge spike of Storm virus attacks that used a blended threat - an email message with a URL that took the user to an infected website that then downloaded the Storm malware to the PC. The linkage between spam and viruses continued in 2007, with messages being spammed out from botnets with virus attacks intended to add more computers to the botnet. The chart below shows the Storm virus activity for 2007:
For 2008, this game of chess will continue, and the stakes may become even higher. While the number of threats may not increase, the complexity will. Businesses will be challenged to identify more types of malicious content and protect sensitive information against new methods of social engineering. So what does the forecast for next year looks like? Here are some of the trends we expect to see coming to a business near you in 2008:
Spam volume will stabilize and could actually decrease in 2008 as spam attacks become more targeted and less of a pure volume game. As more and more spam content will be contained in attachments, we do expect that the overall size of spam will continue to increase.
Virus attacks will continue to blend with spam and will focus more on identity theft. They will utilize increasingly sophisticated social engineering techniques that will be related to specific current events such as the Olympics, the Super Bowl, natural disasters etc. Virus attacks will become more targeted toward executives at specific companies and will appear to come from legitimate business agencies. Their goal will increasingly be to steal corporate and government data. We expect to see several of these types of attacks, leading to data breaches from commercial enterprises and government agencies. This may force some companies to modify their email practices, such as financial institutions not including any links in their email communications to customers.
More businesses and organizations will implement specific policies that address outbound content in email and will deploy systems to monitor and enforce those policies to prevent sensitive or confidential data leaks.
The growing need for managing consumer data privacy and retention policies globally will drive growth of encryption and archiving and hosted solutions will play a major role in reducing the cost and complexity.
Identity theft attacks will increasingly be launched through web sites, especially those that enable user created content such as social networking sites, blogs and auction sites.
If you’d like to know more about Postini’s spam and virus trends, you can read our weekly summaries on the
Postini Community Forum
in the Threat Advisory board.
Labels
#innovationupgrade
#InspireGirls
#moregoogleapps
#SysAdminDay
#tbt
#throwbackthursday
#top10trust
100% web
50states
ad contest
add-ons
admin
Admin console
admin sdk
AirPlay
Android
Android for Work
Android for Work Live
Android Marshmellow
Android Nougat
Android security
Android security tips
Apps Adventures
apps script
apptuesday
Armed Forces Day
Asia Pacific
Atmosphere Live
Audi
Audi Connect
audit
Australia
big data
Big Query
bigquery
Boston
browser
Chomebox for Meetings
Chrome
Chrome Device Management
Chrome digital signage
Chrome for Business
Chrome for Work
Chrome Frame
Chrome OS
Chromebit
Chromebooks
Chromebooks for Business
Chromebooks for Education
Chromebooks for Work
Chromebox for digital signage
Chromebox for meetings
Chromebox for signage
Chromeboxes
Chromecast
City 24/7
Classroom
Clearing Kosovo
Cloud
cloud computing
cloud computing gonegoogle
cloud computing gonegoogle Google Apps
cloud computing gonegoogle Google Apps google docs small business success story
cloud computing gonegoogle Google Apps google docs small business success story switch
cloud datastore
cloud platform
Cloud Platform Live
cloud print
cloud series
cloud services
cloud sql
collaboration
Colorado
Connectors
contacts
Control Panel
customer
customer love
Customer story
Customer support
Customer testimonial
data centers
data processing amendment
data protection
Developer
developers
Digital Learning Day
Docs
documents
DPA
Drawings
Drive for Education
drive sharing
Earth
earth and maps
EC
education
Education on Air
EMC
EMM
Energy
enterprise
EU
events
FedEx
Fedex.com
Finance
Firebase
Forms
franchises
GAFE
Gartner
GE
geo
Global Partner Summit
gmail
Gone Google
gonegoogle
Google AdWords
Google App Engine
Google Apps
Google Apps Blog
Google Apps for Business
Google Apps for Education
Google Apps for Government
Google Apps for Work
Google Apps Marketplace
Google Apps Reseller
Google Apps Script
Google Apps Vault
Google BigQuery
Google Calendar
Google Calendar app
Google Certified Teachers
Google Chrome
Google Chromebases
Google Classroom
Google Cloud Datastore
Google Cloud DNS
Google Cloud Platform
google cloud storage
Google Cloud Vision API
google commerce search
Google Compute Engine
Google Doc
Google Docs
Google Domains
Google Draw
Google Drive
Google Drive for Work
Google Earth
Google Earth Engine
Google Earth Enterprise
Google Earth Images
Google Earth Pro
Google Email Security and Archiving
Google Enterprise
Google Enterprise Search
Google Expeditions
Google for Education
Google for Education Partner Program
Google for Education Training Center
Google for Entrepreneurs
Google for Work
Google for Work and Google for Education Partner Program
Google for Work partner program
Google Forms
Google Green
google groups
Google Hangout
Google Hangouts
Google I/O
Google Keep
Google Maps
Google Maps API
Google Maps APIs
Google Maps Coordinate
Google Maps Engine
Google Maps Engine Pro
Google Maps Engine public data program
Google Maps for Business
Google Maps for Work
Google Maps Gallery
Google Maps Tracks API
Google Message Continuity
google message security
Google Mobile Device Management
Google My Maps
Google My Maps Pro
Google Places API
Google Play
google play for education
Google Prediction API
Google Research tool
Google Science Fair
Google Search Appliance
Google Security Key
Google Sheets
Google Site Search
google sites
Google Slides API
Google Smart Lock
Google spreadsheets
Google Springboard
google storage
Google Storage for Developers
Google Translate
Google Vault
Google Video
Google Wave
google+
Google+ api
Google+ Communities
googlenew
government
GSA
GSA 7.0
GSA for Commerce
guest post
HALO Trust
Hangout on Air
Hangouts on Air
HEAT
hints and tips
HIPAA
Inbox
Inbox by Gmail
innovation
international trade
Internet Explorer
intranet
io2011
iOS
iPad
IT
K-12
Kubernetes
large business
MAM
manufacturing
Mapping a better world
marketplace
marketplace highlights
mashups
MCCs
MDM
medium business
migration
mobile
mobile management
model contract clauses
moms
Mother's Day
mpstaffpick
MyHEAT
NAVMAN
new features
news
Niagara International Transportation Technology Coalition
non-profit
noteworthy
offline
OpenID Connect
Parters
partner
Partner Showcase
partners
Place Summaries
Postini
privacy
product ideas
productivity
Quickoffice
Receptionist's Day
reports
Reseller
retail
RSA
Safer Internet Day
SBW2013
SBW2014
sbweek
SCCs
Search
Security
Security Key
small business
Small Business Week
Small businesses
SMB
spam and security trends
Startups
success story
support
switch
System Admin
T Dispatch
Teamwork 2015
Thanksgiving
Transport and Logistics
Trust
UK
university
University of Calgary
Updates
utilities
Veteran Owned Businesses
Veterans Day
Veterans Day 2013
Veterans Day 2014
viewpoint
VNX
wallet
webinar
webmaster
Winter
women in tech
Women's History Month
Work Resolutions
World Bank
Archive
2016
October
September
August
July
June
May
April
March
February
January
2015
December
November
October
September
August
July
June
May
April
March
February
January
2014
December
November
October
September
August
July
June
May
April
March
February
January
2013
December
November
October
September
August
July
June
May
April
March
February
January
2012
December
November
October
September
August
July
June
May
April
March
February
January
2011
December
November
October
September
August
July
June
May
April
March
February
January
2010
December
November
October
September
August
July
June
May
April
March
February
January
2009
December
November
October
September
August
July
June
May
April
March
February
January
2008
December
November
October
September
August
July
June
May
April
March
February
January
2007
December
November
October
September
August
July
June
May
April
March
February
January
2006
December
November
October
September
August
July
June
May
April
March
February
January
Feed
Google
on
Follow @gsuite
Useful Links
G Suite
Gmail
Hangouts
Calendar
Google+
Google Drive
Google Maps
Google Cloud Platform
