Spam Tops Social Networks for Phishing Threats at SMBs

SpamTitan Technologies, a spam and Web-filtering software maker, revealed that its latest survey of small and mid-size businesses found that when it comes to phishing threats, traditional spam techniques still trump attacks on social networks.

Three quarters (75 percent) of IT managers surveyed say spam is their leading security threat. Did network security measures push phishing attacks from e-mail to social networks such as Twitter and Facebook? Respondents were split; 37 percent agree and 31 percent disagree, saying the rise in threats is a result of the growth of user communities on such sites.

"Clear policies along with improvements in user education and awareness topped recommendations as the best way to beat phishing in all its forms," SpamTitan said in a release.

"Phishing attacks remain a clear and present threat to businesses," said Ronan Kavanagh, SpamTitan's CEO. "There is no evidence to suggest that network security measures are discouraging the number of phishing attacks. It is simply that the arrival of social networking in the workplace has presented phishers with a bigger pond to phish in."

The company says its survey findings are consistent with a report from earlier this year from antivirus vendor Kaspersky Labs, which found that from January through March of this year, Facebook accounted for only 5.7 percent of attacks, putting it behind HSBC, eBay, and PayPal (the trio accounted for over 52 percent of all phishing scams).

The company says the latest release of its product "uses a multi-layered approach" and includes new "malware detection mechanisms" in its scan engine along with "a large set of Phishing signatures, support for SURBLs (Spam URL Realtime Blocklists), and heuristic rule tests." Using its new phishing module, SpamTitan searches for URLs within e-mail messages "and can also detect day-zero phishing e-mails."

-- James E. Powell
Editorial Director, ESJ

Posted by Jim Powell on 09/21/2010