Trust That URL? Think Again.
By Natalie Boike
The IBM X-Force recently released the full 2010 Trend and Risk Report, which details experience and insights gained from managing 4,000 client environments worldwide, as well as analysis of every publicly disclosed vulnerability.
One tidbit I found particularly interesting: 90 percent of spam is classified as URL spam, or messages that include URLs that a person clicks to view. This surprises me because I would think this would be the least-effective spam method; people are more cautious of emails that ask them to go to an outside website. However, the X-Force reports the majority of those domain names are well-known and trusted, such as Internet service providers, image-hosting websites and URL shortening services.
According to the report, “Not only do these legitimate websites provide a recognizable (and trustworthy) web link to the end user, but spam messages using them may also successfully evade some anti-spam technology because they only use legitimate links in their spam emails.”
It’ll definitely make me think twice before clicking a link from what I think may be a trusted site.
Of course, the X-Force report has much more significant and business-relevant findings. Get the full report online, follow the X-Force blog for further analysis or even interact with the data from the past several years. What findings do you think are most interesting?
Recent Comments