Official Blog
Built in the cloud. Engineered for your enterprise.
2008: The year in spam
2009年1月26日 星期一
[Ed. Note: The spam data cited in this post is drawn from the Postini Message Security network, which processes and culls spam from more than 2 billion enterprise email connections per day, giving Google strong insight into the state of the spam industry overall. For a discussion of what Google is doing to keep spam out of your Gmail inboxes on the consumer side, check out
this post
.]
In November 2008 a large source of the world's spam, the McColo network, was taken offline. Prior to that, spam levels had been holding relatively constant. But when McColo went offline, we saw spam drop by 70% compared with previous levels. However, spammers are recovering with vigor.
While spam is still down overall, it's important to note its rate of growth. Spam levels are up by 156% since November 2008. As spammers recover, the increased rate of spam growth will likely have total spam volumes back to pre-McColo levels within a few months.
Although McColo received a lot of attention, the highest volume of spam in 2008 actually came on April 23, which was an all-time high spam level for Google Message Security data centers. That day, the average number of spam messages blocked per user was 194. This peak was driven by an unprecedented number of non-delivery receipt (NDR) attacks we saw in April. One customer who was the target of a specific NDR attack said that their users were receiving an average of 100 emails every minute.
As spammers fill the void left by McColo, it's reasonable to anticipate a decreasing rate of growth as spam reaches November 2008 levels. However, since the November levels weren't even the peak for the year, and since spammers appear to be quickly recovering, the question remains: Where will spam volume top out in 2009? Will it be near the November 2008 level? the April 2008 level? Or higher?
One way to approach that question might be to compare 2008 overall levels with previous years. Spam threats rose visibly in 2008, reflecting the overall trend of rising attacks. Even with the drop in November 2008, spam levels climbed 25% over 2007. Our statistics show that the average unprotected user would have received 45,000 spam messages in 2008 (up from 36,000 in 2007). All indicators suggest this trend will continue as virus, malware, and link-based attacks become both more frequent and more ingenious.
Looking ahead to the rest of 2009, we expect viruses sent via email and in blended attacks (email and web) to continue to be a serious threat. During the second half of 2008, virus volume increased six-fold from the first half of the year. These spam messages would often try to fool users by mimicking legitimate emails such as package tracking notifications or invoices that included virus attachments. Another popular technique in 2008 was emailing spoofed news alerts with URLs that would link to a website hosting the virus.
We can also expect that viruses and malware will continue to be a key tool and area of focus for spammers to upgrade their platforms. Even though virus attachment volumes have been low so far this year, we expect spammers to work hard to rebuild their networks to replace what was lost in the McColo shutdown.
Of course, the only thing we can really say with certainty about 2009 is that spam and viruses will continue to be unpredictable. And given that uncertainty, virus detection and blocking technologies become even more important. Last year we released advanced new anti-virus heuristics that specifically targeted zero-hour vulnerability (the period of time between when a new virus enters the wild and the release of the anti-virus signature file). When the zero-hour protection identifies a suspicious message, the message is scanned using the new anti-virus heuristics, and if confirmed as a virus, the message is quarantined.
The chart below is an example of our new heuristic virus detection and blocking at work. On October 1, 2008, our automated technology detected a viral message pattern (later identified as new strain of the Downloader-AAP!zip) in the wild and started quarantining messages with this virus. Five hours later we received the new virus signature file from one of our anti-virus partners and the signature-based blocks began to take effect.
As seen from the roller-coast ride of spam and viruses in 2008, spam has again demonstrated its resiliency. Despite eliminating a major source, spam keeps coming back. Spammers are re-investing with increasing speed to evolve their systems into decentralized, harder-to-detect ecosystems. If you'd like to know more about Google's anti-spam solution for businesses, visit us at www.google.com/a/security.
Posted by Amanda Kleha, Google Message Security Team
標籤
#innovationupgrade
#InspireGirls
#moregoogleapps
#SysAdminDay
#tbt
#throwbackthursday
#top10trust
100% web
50states
ad contest
add-ons
admin
Admin console
admin sdk
AirPlay
Android
Android for Work
Android for Work Live
Android Marshmellow
Android Nougat
Android security
Android security tips
Apps Adventures
apps script
apptuesday
Armed Forces Day
Asia Pacific
Atmosphere Live
Audi
Audi Connect
audit
Australia
big data
Big Query
bigquery
Boston
browser
Chomebox for Meetings
Chrome
Chrome Device Management
Chrome digital signage
Chrome for Business
Chrome for Work
Chrome Frame
Chrome OS
Chromebit
Chromebooks
Chromebooks for Business
Chromebooks for Education
Chromebooks for Work
Chromebox for digital signage
Chromebox for meetings
Chromebox for signage
Chromeboxes
Chromecast
City 24/7
Classroom
Clearing Kosovo
Cloud
cloud computing
cloud computing gonegoogle
cloud computing gonegoogle Google Apps
cloud computing gonegoogle Google Apps google docs small business success story
cloud computing gonegoogle Google Apps google docs small business success story switch
cloud datastore
cloud platform
Cloud Platform Live
cloud print
cloud series
cloud services
cloud sql
collaboration
Colorado
Connectors
contacts
Control Panel
customer
customer love
Customer story
Customer support
Customer testimonial
data centers
data processing amendment
data protection
Developer
developers
Digital Learning Day
Docs
documents
DPA
Drawings
Drive for Education
drive sharing
Earth
earth and maps
EC
education
Education on Air
EMC
EMM
Energy
enterprise
EU
events
FedEx
Fedex.com
Finance
Firebase
Forms
franchises
GAFE
Gartner
GE
geo
Global Partner Summit
gmail
Gone Google
gonegoogle
Google AdWords
Google App Engine
Google Apps
Google Apps Blog
Google Apps for Business
Google Apps for Education
Google Apps for Government
Google Apps for Work
Google Apps Marketplace
Google Apps Reseller
Google Apps Script
Google Apps Vault
Google BigQuery
Google Calendar
Google Calendar app
Google Certified Teachers
Google Chrome
Google Chromebases
Google Classroom
Google Cloud Datastore
Google Cloud DNS
Google Cloud Platform
google cloud storage
Google Cloud Vision API
google commerce search
Google Compute Engine
Google Doc
Google Docs
Google Domains
Google Draw
Google Drive
Google Drive for Work
Google Earth
Google Earth Engine
Google Earth Enterprise
Google Earth Images
Google Earth Pro
Google Email Security and Archiving
Google Enterprise
Google Enterprise Search
Google Expeditions
Google for Education
Google for Education Partner Program
Google for Education Training Center
Google for Entrepreneurs
Google for Work
Google for Work and Google for Education Partner Program
Google for Work partner program
Google Forms
Google Green
google groups
Google Hangout
Google Hangouts
Google I/O
Google Keep
Google Maps
Google Maps API
Google Maps APIs
Google Maps Coordinate
Google Maps Engine
Google Maps Engine Pro
Google Maps Engine public data program
Google Maps for Business
Google Maps for Work
Google Maps Gallery
Google Maps Tracks API
Google Message Continuity
google message security
Google Mobile Device Management
Google My Maps
Google My Maps Pro
Google Places API
Google Play
google play for education
Google Prediction API
Google Research tool
Google Science Fair
Google Search Appliance
Google Security Key
Google Sheets
Google Site Search
google sites
Google Slides API
Google Smart Lock
Google spreadsheets
Google Springboard
google storage
Google Storage for Developers
Google Translate
Google Vault
Google Video
Google Wave
google+
Google+ api
Google+ Communities
googlenew
government
GSA
GSA 7.0
GSA for Commerce
guest post
HALO Trust
Hangout on Air
Hangouts on Air
HEAT
hints and tips
HIPAA
Inbox
Inbox by Gmail
innovation
international trade
Internet Explorer
intranet
io2011
iOS
iPad
IT
K-12
Kubernetes
large business
MAM
manufacturing
Mapping a better world
marketplace
marketplace highlights
mashups
MCCs
MDM
medium business
migration
mobile
mobile management
model contract clauses
moms
Mother's Day
mpstaffpick
MyHEAT
NAVMAN
new features
news
Niagara International Transportation Technology Coalition
non-profit
noteworthy
offline
OpenID Connect
Parters
partner
Partner Showcase
partners
Place Summaries
Postini
privacy
product ideas
productivity
Quickoffice
Receptionist's Day
reports
Reseller
retail
RSA
Safer Internet Day
SBW2013
SBW2014
sbweek
SCCs
Search
Security
Security Key
small business
Small Business Week
Small businesses
SMB
spam and security trends
Startups
success story
support
switch
System Admin
T Dispatch
Teamwork 2015
Thanksgiving
Transport and Logistics
Trust
UK
university
University of Calgary
Updates
utilities
Veteran Owned Businesses
Veterans Day
Veterans Day 2013
Veterans Day 2014
viewpoint
VNX
wallet
webinar
webmaster
Winter
women in tech
Women's History Month
Work Resolutions
World Bank
Archive
2016
10月
9月
8月
7月
6月
5月
4月
3月
2月
1月
2015
12月
11月
10月
9月
8月
7月
6月
5月
4月
3月
2月
1月
2014
12月
11月
10月
9月
8月
7月
6月
5月
4月
3月
2月
1月
2013
12月
11月
10月
9月
8月
7月
6月
5月
4月
3月
2月
1月
2012
12月
11月
10月
9月
8月
7月
6月
5月
4月
3月
2月
1月
2011
12月
11月
10月
9月
8月
7月
6月
5月
4月
3月
2月
1月
2010
12月
11月
10月
9月
8月
7月
6月
5月
4月
3月
2月
1月
2009
12月
11月
10月
9月
8月
7月
6月
5月
4月
3月
2月
1月
2008
12月
11月
10月
9月
8月
7月
6月
5月
4月
3月
2月
1月
2007
12月
11月
10月
9月
8月
7月
6月
5月
4月
3月
2月
1月
2006
12月
11月
10月
9月
8月
7月
6月
5月
4月
3月
2月
1月
Feed
Google
on
Follow @gsuite
Useful Links
G Suite
Gmail
Hangouts
Calendar
Google+
Google Drive
Google Maps
Google Cloud Platform