There may finally be some good news in the war against spam. The overall percentage of spam among e-mail messages dropped to 49.7 percent last month, the lowest level since 2003 and the first time the figure has been below 50 percent in more than a decade, according to a new study by Symantec.
Symantec reported its findings in its “Symantec Intelligence Report” for the month of June. Enterprises in the mining sector had the highest spam rate, at 56.1 percent, according to the report. The manufacturing sector was a close second at 53.7 percent. The finance, real estate, and insurance sectors had the lowest of any industry, at 51.9 percent.
Spammers seemed to treat all businesses pretty much the same with regard to size, however. On average, companies experienced a spam rate of between 52 percent and 53 percent no matter the number of employees. The only outlier to this pattern was companies with 251-500 employees, which experienced a 53.2 percent spam rate.
Although it may have seemed as though attacks were on the rise last month with a number of high-profile hacks, phishing and malware-based attacks actually fell slightly in June, as one in 2,448 e-mails was a phishing attack, down from one in 1,865 in May. Manufacturing was once again the biggest target for spear-phishing attacks, as 22 percent of all such attacks were directed at manufacturing organizations. Nevertheless, that number is down from 41 percent the previous month.
Phishers also continued to concentrate their efforts on both the smallest and largest companies, with enterprises with 1 to 250 employees experiencing the most attacks, and companies with more than 2,501 employees in second place.
The number of vulnerabilities also declined in June, down to 526 reports from 579 in May. There was also one zero-day vulnerability reported last month, stemming from Adobe Flash Player, the same number as in May.
Not All Good News
Despite the good news, there were several troubling developments in Symantec’s report. There was a grand total of 57.6 million new malware variants reported in June, up from 44.5 million created in May and 29.2 million in April. The increase in malware variants may indicate that hackers are changing tactics, according to Symantec.
“This increase in activity lends more evidence to the idea that with the continued drops in e-mail-based malicious activity, attackers are simply moving to other areas of the threat landscape,” Ben Nahorney, cybersecurity threat analyst at Symantec, said in the report.
In addition to the increase in malware variants, ransomware attacks were up in June, with over 477,000 detected during the month. While still below the levels seen at the end of 2014, June represented the second month in a row that ransomware attacks increased since reaching a 12-month low in April. Crypto-ransomware was also up in June, reaching the highest levels since December.
On social media, meanwhile, hackers continued to rely primarily on manual sharing attacks, which require victims to propagate the scam by sharing content themselves. In the last 12 months, manual sharing attacks accounted for more than 80 percent of social media attacks.