Trends IBM on Spam and Phishing By David Cawley | 1 minute read IBM published their mid-year report for 2007 with details related to spam and phishing attacks. It’s quite a long report so I picked out some of the points I found interesting. There’s a synergy between spam and virus activity since a wide spread virus has the ability to turn hundreds of thousands of personal computers into spam spewing zombies. The virus writers exploit vulnerabilities to gain control of a machine. IBM commented that “more than half of the vulnerabilities in the first half of 2007 would allow an attacker to gain access to the host after successful exploitation”. An interesting point is that the top 3 vulnerability vendors in the first half of 2007 were Microsoft, Apple and Oracle. As part of the spam analysis they looked at the average byte size of spam. This of course correlates with the surge in attachment spam over the past couple of years in the form of images, pdf’s, mp3’s etc. They also provided a plot of the countries that host the spam websites: