Microsoft has added some new features to Hotmail to try and prevent such things. The new Hotmail security works from both ends–one to strengthen Hotmail account security in the first place, and the second to make it easier to identify and flag accounts that have been compromised.

A Microsoft Privacy and Safety blog post explains:

At Hotmail, we know that account hijacking is a big problem, and we continue to work hard to prevent it. We’ve noticed a couple of things about hijacked accounts. First, many accounts have weak passwords that make them easy targets for hijackers. Second, when someone’s account gets hijacked, their friends often find out before they do, because the hijacker uses their account to send spam or phishing email to all their contacts.

These two observations led us to develop a couple of new features that help protect your accounts. The first lets you report a friend’s account as compromised – a feature unique to Hotmail – and the second prevents you from using common passwords that make your account easy to hack.

Click here to read the complete post.

Highlights from the most recent report include:

• Spam – 77.8 percent in July (an increase of 4.9 percentage points since June 2011)

• Phishing – One in 319.3 emails identified as phishing (an increase of 0.01 percentage points since June 2011)

• Malware – One in 280.9 emails in July contained malware (an increase of 0.02 percentage points since June 2011)

• Malicious Web sites – 6,797 Web sites blocked per day (an increase of 25.5 percent since June 2011)

• 35.9 percent of all malicious domains blocked were new in July (an increase of 0.8 percentage points since June 2011)

• 21.1 percent of all Web-based malware blocked was new in July (an increase of 0.8 percentage points since June 2011)

• Aggressively unstable malware leads to a rise in sophisticated socially engineered attacks

• Large scale malware attack using URL shortening services

For more details, download and read the 21-page PDF report for yourself–Symantec Intelligence Report: July 2011.

Key Findings – Email Attacks: This Time, It’s Personal

• Returns from mass email-based attacks declined by more than 50 percent from US$1.1 billion in June 2010 to $500 million in June 2011.
• Mass spam volumes plummeted from 300 billion daily spam messages to just 40 billion between June 2010 and June 2011.
• There is an increase in spearphishing and personalized scams and malicious attacks.
• Spearphishing attacks have increased threefold, while scams and malicious attacks have increased fourfold.
• The overall cost of targeted attacks to organizations worldwide is $1.29 billion annually.

Like almost all types of cybercrime exploits, the success of targeted attacks relies on technical holes and the all-too-human tendency to misplace trust. Targeted attacks are the most elusive threat to protect against and have the potential to deliver the most potent negative impact. Very low in volume, they focus on a specific individual or group under cover of anonymity provided by specialized botnet distribution channels. Typically, they rely on malware or APTs (Advanced Persistent Threats) to harvest desired data over a period of time. An example of a targeted attack is the infamous Stuxnet worm, which had the potential to severely disrupt industrial computing systems and could traverse non-networked systems, thus placing at risk even systems unconnected to networks or the Internet.

Spearphishing attacks, though more costly to mount and lower in volume than mass spam attacks, also pose serious consequences for today’s enterprises. Many spearphishing attacks ultimately lead to financial theft, making them both highly dangerous to victims and highly valuable to cybercriminals. Spearphishing campaigns, which are a highly customized evolution of the traditional mass attack technique of phishing, can net 10 times the profit of a mass attack.

The global study focuses on perspectives from 361 information technology professionals from 50 countries andwas compiled by Cisco Security Intelligence Operations, which provides real-time threat intelligence to help Cisco stay ahead of the latest cyber threats. Cisco SIO is the world’s largest cloud-based security ecosystem, using SensorBase data of almost 1 million live data feeds from deployed Cisco email, Web, firewall and intrusion prevention system (IPS) solutions.

Download the full report – Email Attacks: This Time It’s Personal

Here are some of the key findings:

·         More than 50% of Americans regularly click on links on social networks – the most common way that malware is spread today. And nearly all Americans think they’ll know if they’ve become infected through PC crashes, slowdowns, etc. But today’s stealthy malware usually infects without detection, so that hackers can surreptitiously steal your information without sounding off any alarms.  

·         What’s more dangerous porn or ponies? More than 40% of Americans think porn sites are more risky than horseback riding sites. In reality, however, hobby sites are usually easier to attack than adult sites. Hobby sites are also much slower in removing malware — and with visitors not being careful on these sites — they pose a greater infection risk than adult sites, where visitors expect danger.

·         More than half of Americans still believe most malware is spread via email, even though spam malware infections are steadily declining. 80% of Americans believe if they don’t open an infected file, they are safe.

·         Nearly 88% of Americans report using security software to protect their PCs, with 46% using paid software and 42.7% relying on free versions. The U.K. had the highest number of users with a security solution installed (94%), while Russia had the lowest (83%). Even though no free antivirus product currently offers full-suite protection (including anti-spam, web filters, firewalls, etc), 82% of Americans believe that free software is as good as paid.

That standard response plays into the attacker’s hand to some degree. The user becomes used to the idea that they might receive email communications from the company related to the data breach. That opens the door for an attacker to follow up with a convincing email that appears to be from the company directing users to provide account details or change their password…in response to the breach of course.

I realize that email is fast, and easy, and is probably the best and most efficient way for companies to notify affected customers. It just seems like a bit of hypocrcisy to send an email from the company that tells users to watch out for emails that appear to be from the company.

The reason, it seems, is a spike in the use of ZIP file attachments as a vector for distributing malware in spam email messages. So, even though there are fewer spam email messages overall, more of those messages have ZIP file attachments making them consumer more network bandwidth.

Check out the full Message Labs March 2011 Intelligence Report for more about the rise in ZIP file spam, and to learn more about current trends in spam and malicious email.