Small businesses are being told to stress-test their virus protection procedures and ensure their networks are secure as spammers and phishing attackers ramp up their plans in the lead-up to Christmas.
Security firm Symantec has released figures showing that while overall spam volumes have dropped, taking up 84.31% of all messages compared to 86.61% in October, phishing attacks have increased by 37% in November.
And experts believe phishing attacks will only increase in 2011.
Phishing websites have increased by about 41% in November, while webhosting services comprised 12% of all phishing in November, up from 15% in October. The number of non-English phishing sites increased by 10%.
Get daily business news.
The latest stories, funding information, and expert advice. Free to sign up.
The figures also show that out of all the spam categories, spam within the “internet” category increased by six points to 43%, followed by product-based spam, which grew by four points to 17%. In third place was “419 spam”, which grew by two points to 9%.
Most of these messages are coming from the United States, which took up 27% of all spam messages in November. In second was the Netherlands and India, both at 5%, while Brazil, Russia and Britain all took third place at 4%.
Most phishing attacks are also coming from the United States with 51% of all attacks, followed by Canada at 11%, Russia at 9% and Germany at 8%.
Rob Pregnell, security product manager small business at Symantec, says businesses need to take note of these attacks in the lead-up to Christmas and start preparing their defences, especially as many of these will target businesses specifically.
“What we’re seeing more is that use of product-based spam. It’s a technique phishers are using to try and get into networks at Christmas. And we think it’s going to continue beyond Christmas as well.”
“Phishing attacks are specifically about trying to find someone a little more directly, and then you need to have a lure. Phishing usually goes hand in hand with targeting business, and social networks like Facebook.”
Pregnell points out that unfortunately, many small businesses fall prey to these phishing attacks because many do not have sophisticated in-house IT security systems and many business owners don’t have time to become familiar with phishing terminology.
But Pregnell says this is even more important at Christmas – businesses and business owners will find more phishing attacks in their inboxes, perhaps offering products or some type of program that will actually install malicious software, or ask for credit card details, possibly resulting in a financial catastrophe.
As a result, Pregnell says IT security needs to be at its peak during Christmas and that small businesses should review their systems to ensure they don’t fall prey to attacks.
“The consistent message is the same – keep everything up-to-date, keep your anti-virus and so on patched, and then make sure you’re identifying the most likely culprits. Product-based and internet hosting services are some of the more likely topics to see in spam.”
“The other thing businesses can do that is often effective, is make sure you have a separate email account for all of those things you need to provide an email for. For instance, gathering reports or signing up to a website. That’s one that not many people do.”
Symantec points out a number of actions for businesses and business owners to implement when protecting themselves from spam, which include: unsubscribing from email lists, being selective about visiting URLs, avoiding publishing your email address and updating operating system security features with patches.
But these attacks are also set to increase during 2011, Symantec warns. In the latest report, it claims that popular news events, social networks and more targeted attacks will become more prominent in the next 12 months.
“Overall spam volume dropped significantly over the past few months due to several legal actions. Symantec expects the volume to return more slowly.”
“Symantec expects more malware spam in 2011. Spammers have lost a great part of their infected machines due to recent shutdowns. In order to make up for the loss and rebuild their army of compromised machines, spammers will launch more malware message attacks.”
Meanwhile, security firm AVG has also released a list of hints for consumers to follow when shopping through mobiles – a practice sure to be much more popular than last year.
1. Watch out for public WiFi spots, as “you could be opening a back door for hackers and spammers”.
2. Look out for URLs and don’t click on any that are unrecognisable.
3. When downloading apps, check with the app parent company to make sure it is reliable.
4. Don’t click on suspicious links offering free products or deals that are “too good to be true”.
5. Always protect your confidential information with passwords, and multiple ones if possible.