Symantec's September Intelligence Report also covers a vulnerability in the WordPress platform, which spammers are exploiting to compromise Web servers and hide files deep with the WordPress directory structure. The files are basic HTML pages, according to Symantec, that redirects users to the Canadian Health & Care Mall spam website. WordPress-hosted blogs aren't affected by these vulnerabilities, according to the report; only older versions of software downloaded from WordPress.org.
Other findings in Symantec's report include:
- Spam rates dipped to 74.8 percent in September, a 1.1 percent drop since August
- One in 447.9 emails were actually phishing attempts, marking a 0.26 percent drop month over month
- One in 188.7 emails in September contained malware, an increase of 0.04 percent
- The number of malicious websites blocked daily rose 1 percent since last month, up to 3,474
- 44.6 percent of all malicious domains blocked in September were new, up 10 percent since August
- 14.5 percent of all Web-based malware blocked in September was new, down 2.9 percent since last month