Cyberoam, a division of Elitecore Technologies and the leading innovator of identity-based Unified Threat Management (UTM) solutions, today announced the Q2 2008 email threat trend report, prepared in collaboration with partner Commtouch. The report revealed attacks on new user groups like ISPs, educational institutions, Google Adwords users and Microsoft users. The trend showed attacks on these large user groups by exploiting their psychological behavior and through media that they trusted the most.

Around 10 million zombies were active in Q2, sending spam and email based malware everyday. The vast majority of the zombie IP addresses were dynamic and the zombie botmasters succeeded in causing large scale damage by deactivating the IPs causing fresh attacks, switching among various IPs in order to bypass by traditional security solutions.

The zombie botmasters have hit hard the Internet Service Providers (ISPs) by exploiting ISP infrastructure to send out spam on the Internet. ISPs thus faced a tough challenge this quarter, protecting their users against incoming spam in their inbox while shielding them from being used by zombies to send out spam. The latter is a bigger concern as it leads to blacklisting of IP ranges of these ISPs, which will also block legitimate outbound emails along with the junk. Zombie abuse consumes precious network resources of the ISPs, reducing network speeds and resulting in customer dissatisfaction.

Phishing, spam messages that attempt to coax users into handing over passwords and other sensitive personal information, continue claiming victims. This quarter such phishing attempts were targeted increasingly at university students and faculty members. Text-based message spam, seemingly coming from IT department, collected their personal information and passwords. Yet another phishing scam hit the Google Adwords account owners with legitimate-looking subject lines they were most likely to succumb to. The email contained legitimate Google links which redirected the user to a phishing site hosted on a Chinese domain.

In a new form of Bayesian poisoning, spammers used the disclaimer message content in Hotmail messages to bypass content-based filters. The content also contained a link to a hosted image of a pharmaceutical ad. With the hotmail disclaimer lowering users’ guard, users confirmed the validity of their email ids by viewing the image, also becoming easy targets in future.

The report also revealed continuity of attacks with the help of socially engineered subject lines manipulating the blogger community and the U.S. tax payers. Exploiting the human emotions were subject lines related to the fabricated news of an earthquake in China, with the body text containing malicious clickable links.

With one of the highest spam-catching rates in the industry, Cyberoam’s powerful Anti-Spam solution uses Commtouch RPD technology that analyzes large volumes of Internet traffic in real-time. Cyberoam Anti-Spam’s language- and content-agnostic nature allows it to detect spam in any language and in every message format (including images, HTML, etc.), non-English characters, single and double byte, etc.

“Duplicity in the virtual world continues with increased vitality, thanks to the new and innovative methods of spammers to manipulate Internet users. New and easily vulnerable user groups are being targeted today with techniques that can deceive even the more experienced in the industry,” says Mr. Abhilash Sonwane, VP Product Management, Cyberoam. “Attackers know that internal users can be their most vulnerable targets and they constantly innovate to come up with new methods to attack them. By allowing identity-based policies, Cyberoam controls user activities within the network. This, along with Commtouch’s Rapid Pattern Detection and outbreak prevention technologies, enables Cyberoam to offer end users the deepest and most comprehensive level of protection from all types of spam, malware and other Internet threats.”

Unlike traditional IP address-dependent solutions, Cyberoam’s unique identity-based UTM appliances deliver knowledge of who is doing what in the network, providing greater granular controls in creating user-based policies and offering clear visibility in the network.

About Cyberoam
Cyberoam Identity-based UTM appliances offer comprehensive protection against existing and emerging Internet threats, including viruses, worms, Trojans, spyware, phishing, pharming and more. Cyberoam delivers the complete range of security features such as stateful inspection firewall, VPN, gateway anti-virus, gateway anti-malware, gateway anti-spam, intrusion prevention system, content filtering in addition to bandwidth management and multiple link management over a single platform. Cyberoam is certified by the West Coast Labs with CheckMark UTM Level 5 Certification, ICSA Labs, an independent division of Verizon Business, and is a member of the Virtual Private Network Consortium. Cyberoam has also received SC Magazine’s 5 Star Rating twice in a row, the 2007 Global Excellence Awards for Integrated Security Appliance, Security Solution for Education and Unified Security, and the 2007 Tomorrow’s Technology Today Award for Unified Security. Cyberoam has offices in the Newburyport, MA and India. For more information, please visit www.cyberoam.com

About Elitecore Technologies
Elitecore Technologies is the global provider of Cyberoam UTM appliances. Elitecore’s other divisions include Crestel Convergent Billing Solution that meets the voice, data, video billing and customer care requirements of Tier-1 service providers and 24online Billing and Bandwidth Management Solution for hotels, hotspots and Internet service providers. Elitecore has a strong R&D base and support center in India; it has sustained a healthy growth rate of over 75 % since inception. For more information, please visit www.elitecore.com

For further information please contact
Richard Warner
Account Manager
Tel: +44 20 7388 9988
Email: warner@spreckley.co.uk

Press Contact
L. K. Pathak
l.k.pathak@elitecore.com