Unified Threat Management (UTM) solutions provider Cyberoam today announced the Q1 2009 email threat report, in collaboration with partner Commtouch. While Conficker worm took the limelight, a key highlight is that attackers have reached new levels of sophistication in their social engineering techniques, using fear, emotion and security loopholes to perpetuate attacks.

Spammers tricked users on Facebook, Myspace, Twitter into divulging personal information. Exploiting users’ fear of finding scandalous images of themselves online, spammers sent wall posts proclaiming that such pictures have surfaced on Facebook. Also used on Facebook were desperate messages from friends supposedly in a financial bind. Users clicking on the link were taken to what looked like the Facebook login page, but actually it was an imposter site collecting usernames and passwords of unknowing users.

Spammers sent direct Twitter messages to users of blog posts and funny photos related to them. Security loopholes on Twitter like the use of TinyURL to replace long URLs with short ones to fit into Twitter’s 140 character limit meant that users did not know where the link led before they clicked.

Vice President-Product Management, Cyberoam, Abhilash Sonwane, said, “Attackers have confirmed once more that they work on both sides of the equation – user and the platform. They play on the emotions of users while exploiting loopholes on the platform being used. Used in combination, it is an effective way to propagate malware. While Cyberoam offers protection from evolving threats, we also recommend user education to effectively contain threats,” he added.

Blended threats created near perfect mirror sites and official looking emails from CNN and the US tax departments. While Google Docs was used to compromise ZDNet, spammers used “borrowed” images from legitimate sites like CBS and Pizza Hut in addition to masking their email addresses to bypass spam filters.

Loan spam jumped from 3% of all spam messages in Q4 2008 to first place, with 28% of all spam messages this quarter, reflecting the global economic situation.

Cyberoam uses the Commtouch RPDTM technology to analyse large volumes of Internet traffic in real-time. Unlike traditional spam filters, it relies not on email content, but on message pattern enabling it to detect spam in any language and message format. Its language and content agnostic nature enables it to provide effective spam blocking capabilities. Cyberoam incorporates RPDTM within its unique Identity-based UTM appliances which show who is doing what in the network and enable the creation of policies based on the username rather than just IP addresses.

About Cyberoam
Cyberoam Identity-based UTM appliances offer comprehensive protection against existing and emerging Internet threats, including viruses, worms, Trojans, spyware, phishing, pharming and more. Cyberoam delivers the complete range of security features such as stateful inspection firewall, VPN – SSL & IPSec, gateway anti-virus and anti-spyware, gateway anti-spam, intrusion prevention system, content filtering in addition to bandwidth management and multiple link management over a single platform. Cyberoam is certified by the West Coast Labs with CheckMark UTM Level 5 Certification, ICSA Lab, an independent division of Verizon Business, and the Virtual Private Network Consortium. Cyberoam has received the 2008 Emerging Vendor of the Year award by Frost & Sullivan, ZDNet Asia IT Leader of the Year award for 2008-09, 2007 Global Excellence Awards for Integrated Security Appliance, Security Solution for Education and Unified Security, the 2007 Tomorrow’s Technology Today Award for Unified Security and was rated Positive by Gartner in its Marketscope for SMB multi-function firewalls. Cyberoam has offices in the Woburn, MA, USA and India. For more information, please visit www.cyberoam.com.

About Elitecore Technologies Limited
Elitecore Technologies Limited is the global provider of Cyberoam UTM appliances. Elitecore’s other divisions include Crestel Convergent Billing Solution that meets the voice, data, video billing and customer care requirements of Tier-1 service providers and 24online Billing and Bandwidth Management Solution for hotels, hotspots and Internet service providers. Elitecore has a strong R&D base and support center in India; it has sustained a healthy growth rate of over 75% since inception. For more information, please visit www.elitecore.com