E-mail blended threats use e-mail as the initial vehicle to launch the attack, without attaching or embedding a virus in the e-mail itself. Examples include the use of URLs in the e-mail to link the user to Web sites where malware is downloaded in the background, often without user intervention. These attacks are frequently missed by gateway anti-virus products, which look for malware attachments and have no ability to view the links and active content in the context of an end user. They are also missed by corporate Web filters that may not block URLs linked to malware, and by filters that have not yet been alerted to, or rated, a hacker’s newly constructed Web site or one whose address changes rapidly. Because these attacks are fast-moving, they also avoid desktop anti-virus signature detection.
Adding to the threat, these e-mail attacks are well engineered to trick users into believing that the message and the Web site are legitimate and that the links lead to trusted Web sites. Even more alarming is the increasing use of legitimate Web sites that have been hacked and infected with malware to be downloaded, which a Web filter would not detect. Users may even spread these attacks by unknowingly sending or forwarding e-mail that contains links to malware inserted into popular Web and social networking sites, known as the “YouTube Syndrome.”
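The detection gap described in the two paragraphs above can be shown on a single message. The following Python is an added example, not code from the original page: it parses a constructed sample e-mail, shows that an attachment-only view finds nothing, and extracts every link so it can be passed to a URL reputation check. The sample message, its hosts, the function name `inspect_message` and the visible-text-versus-target comparison are assumptions made for illustration.

```python
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample: no attachment; all hosts are documentation placeholders.
SAMPLE = """\
From: "Video Alerts" <alerts@example.com>
To: user@example.org
Subject: Your friend shared a video
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Watch: <a href="http://203.0.113.7/watch?v=1">http://videos.example.com/watch</a></p>
<p><a href="https://intranet.example.org/help">Help</a></p>
</body></html>
"""

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def inspect_message(raw):
    """Return (attachment filenames, per-link findings) for a raw message."""
    msg = email.message_from_string(raw, policy=policy.default)
    # This list is all an attachment-only scanner has to work with.
    attachments = [p.get_filename() for p in msg.iter_attachments()]
    collector = LinkCollector()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            collector.feed(part.get_content())
    findings = []
    for href, text in collector.links:
        host = urlsplit(href).hostname or ""
        # Assumed heuristic: visible text is a URL naming a different host.
        shown = urlsplit(text).hostname if "://" in text else None
        findings.append({"href": href, "host": host,
                         "text_mismatch": shown not in (None, host)})
    return attachments, findings
```

For the sample, the attachment list is empty while the first link is reported with a target host that differs from the host shown to the reader.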
Examples of recent blended threat attacks can be found on our Blended Threats Forum. More information on blended threats is available in our blended threats whitepaper.
Blended threats differ from phishing attacks in both technique and objective. Phishing attacks are an attempt to obtain user data by setting up Web sites that spoof known Web sites. These sites require the user to enter user information into the Web site. Blended threat attacks usually only require the user to surf to the site. Hackers then take advantage of known exploits to force malware onto the user’s computer, often without the user’s knowledge. This is commonly known as a “drive-by download.”