Google Says UPS, CNN E-Mail Viruses Stood Out in July

Google reports that two e-mail virus spoofs, one for UPS and one for CNN, are racking the security world today. Google also said its SAAS Postini data centers are tracking the viruses and adding filters to help protect businesses' enterprise applications in the cloud. Meanwhile, the CNN virus has morphed into the MSNBC virus with similar nasty malware designs.

Google may be susceptible to serious outages for its Gmail and other Google Apps, but the company is putting the smack down on e-mail viruses.
Google, no stranger to tracking the comings and goings-on around our beloved Internet, said its Postini data centers in July tallied the biggest volume of e-mail virus attacks to date in 2008.
The search giant, which acquired SAAS (software as a service) security provider Postini as the bedrock for its Google Apps cloud computing offering last year, said virus spam peaked on July 24, when Postini tracked nearly 10 million messages.
That Google's Postini group is actively tracking these viruses should give businesses some comfort. As companies increasingly turn to the Web as their business platform, they're going to require a high degree of security to not only preserve their sensitive data but keep employees safe from scams that use the Web as their primary vector.
So, what viruses were users spammed by in July? There were two of particular note.
One attack employed a faux UPS package tracking link designed to lure recipients into clicking on it and downloading malware. Google said its zero-hour virus protection software started catching these e-mails on July 20.
Another popular ploy was a spoofed CNN newsletter sent out by spammers. The newsletter content included current news stories with numerous links in the message. Most of the links were valid, but some were replaced with malicious links. Very sneaky!
Back pat warning: Google said it implemented a filter to stop these viruses to protects its 14 million business users for Google Apps. Guess what? Google's going to have to target the CNN virus, which has morphed into a new strain.
EWEEK's Brian Prince today reported that the very security hackers behind the CNN-spam campaign switched to MSNBC, sending spoofed e-mails claiming to be MSNBC news alerts in an attempt to lure victims into downloading malware.
If there is a silver lining to all of this viral e-mail madness, Google, which said viruses proliferate in the summer (presumably because these loser virus creators are taking vacations from their real jobs), said virus senders aren't using attachments to drop their computer-cramping payloads.
Again, I presume this is because recipients have wised up to the fact that you shouldn't double click on any attachment unless you are certain that is safe. Indeed, I no longer accept press releases via attachments, so paranoid am I about taking the malevolent malware bait.
Anyway, Google seems to think its filters are proof positive that cloud computing is the way to go.
"This network effect and rapid protection against these new tactics is why businesses are increasingly moving their e-mail security into the cloud," wrote Amanda Kleha, a member of the Google Apps security and compliance team.
I'm not sure security is the biggest issue in the cloud. In light of the recent outages, in which Google Apps and Gmail went down for 15 hours last week and Gmail conked out for 2 hours on Monday, I have to think reliability and uptime are the biggest concerns weighing on Google Apps users' minds.
What good are security measures if you can't convince people they can access their data 24/7?
Anyway, Google wants you to know how good it is at handling the spam situation for businesses, so the company on Friday, Aug. 15--that's tomorrow--is hosting a Webinar titled, ""How spam is changing your business e-mail, and what to do about it" at 10 a.m. PDT.
Check it out here if you haven't given up on Google Apps for your enterprise.