|Computer Viruses and Spam Ruled in 2003
? Be Prepared!
By Ira Wilsker
The final statistics on spam emails and viruses
have been released by several organizations and companies, and it was
not a good year for computer users who had to deal with them. Through
awareness of what happened last year, we may be better prepared to deal
with what we may encounter in 2004.
Even though President Bush signed the ?Can Spam?
act, and it recently went into effect, the spam tracking companies have
found no decrease in the amount of spam emails being sent, and in fact
there are indications that it is still increasing at a rapid rate.
According to the e-mail filtering service Brightmail
the percentage of all emails in December, 2003, that were spam was 58%,
compared to the January 2003 rate of 42%, a substantial increase. Of
the spam filtered in December, Brightmail determined that 21% was for
products advertising general goods and services, 18% was financially
oriented, 18% was adult oriented, 9% was for outright scams, 6% each for
health, leisure, or internet related, 3% was spiritual or religiously
oriented, and 3% were for clear frauds.
The marketing research and information company
found that the average American received an average of 155 spam emails
per week, for each email account used. One out of five Americans
received over 200 spams per week, in each account. Statistically, men
receive more spam than women each week, 164 compared to 147, and there
is no major difference in the rate of spam based on age ranges.
Geographically, people living in the northeast received the fewest spam
emails at 131 per week, while those of us living in the south received
the most at 163. While many computer security experts have stated that
the best way to fight spam is to simply delete it, 11% acknowledged
having a transaction initiated by a spam mail.
The commercial spam filtering company Commtouch (www.commtouch.com)
reported that the single most common subject used by spammers was
?Viagra?, or a substitute for Viagra. In order to attempt to slip by
the spam filters commonly used, the spammers uses over 50 variations of
the spelling of Viagra, according to Commtouch. They also reported that
28% of all spam contained some form of trickery in the subject line in
order to penetrate the spam filters, and be delivered to the recipient.
Far more destructive than spam mail was the
proliferation of computer viruses, worms, Trojans, and spyware.
According to the antivirus software company Panda (www.pandasoftware.com),
over 3700 new viruses and worms, including variants, appeared in 2003,
which was about a third more than appeared in 2002. Documented and
projected damage from these digital vandals was enormous. The British
security company ?mi2g? (www.mi2g.com)
calculated that the most damaging viruses and their variants of 2003, in
terms of dollars of damage around the world, were Sobig ($36.7 billion),
Klez ($19.4 billion), Yaha ($11.3 billion), Mimail ($10.5 billion ? and
still very active in 2004), and Swen ($10 billion).
Mi2g also saw, ?a meteoric rise in electronic
crime: business interruption, financial fraud, "phishing" scams,
extortion demands post distributed denial of service attacks, espionage
and mass spam campaigns.? They attribute much of this increase to
global criminal syndicates, and extremist group activities, the 2003
rate being several times more than in 2002. According to ?mi2g?, the
most frequent victims were home users, and small to medium businesses.
Users of broadband internet access were more frequent targets than
dialup users. There also was a dramatic increase in ?pfishing? and
other elaborate scams to ensnare victims into disclosing sensitive
personal and financial information through fraudulent email and websites
appearing to be authentic banking, retail, or other commercial websites.
Many customers of major banks, retailers, credit card companies, and
online services were duped into providing their information to thieves
who used that information to conduct financial transactions, steal their
identities, hijack their internet access for nefarious purposes, or
commit other criminal activities.
Mi2g also predicts that 2004 will see a worsening
of cyber problems, with the rate of spam increasing to 66% of all email
(despite recent US and European laws designed to restrict the practice),
spam costing the world economy $60 billion in lost productivity and
other costs. Mi2g also predict that there will be a greater merging of
spam, viruses, worms, and Trojans in 2004, where personal computers
hijacked by viruses and worms will be used to generate spam at far
higher numbers than in 2003, or attack other computers. Where virus
writers used to be vandals seeking notoriety, 2004 will see a dramatic
increase of viruses and worms created for financial gain, identity
theft, or infrastructure attack, with some of the most dangerous being
politically motivated. It is predicted that while much of the
politically motivated ?hactivism? will originate in Moslem countries,
with unofficial reprisals from American, British, Indian, and Israeli
hackers. ?Pfishing?, the attempt to steal sensitive personal
information by tricking the victim into thinking that he is responding
to a legitimate request from his credit card company, bank, or retailer
with which he has a relationship, is expected to continue to increase,
resulting in a continued loss of confidence in our established
Our personal risks can be reduced by using common
sense, deleting all spam and other questionable emails without opening
them, using updated antivirus, firewall, and anti-spyware software, and
never disclosing personal information without verifying the necessity
and destination of that information.
As the gruff sergeant on the ?Hill Street Blues?
said at the end of every roll call, ?Be careful out there!?
Ira Wilsker is the Director of the Management Development Program at
Lamar Institute of Technology, in Beaumont, TX. He also host a twice
weekly radio talk show on computer topics on KLVI, and writes a weekly
technology column for the Examiner newspaper. Ira is also a police
officer who specializes on cybercrime, and has lectured internationally
in computer crime and security. Ira is a graduate of the Jefferson
County (TX) Sheriff's Academy, and has an MBA from the University of