Press Release
POSTINI MESSAGE SECURITY AND MANAGEMENT UPDATE SHOWS UPWARD TREND IN DIRECTORY HARVEST ATTACKS ON CORPORATE EMAIL
DHAs Jump 30 Percent in August; High-Level Geographical DHA Activity Seen in Korea, Brazil and China
SAN CARLOS, CA, September 14, 2006 – Postini, the global leader in Integrated Message Management, today announced in its August Monthly Message Security & Management Update that directory harvest attacks (DHAs) rose by 30 percent over July. The company anticipates these attacks to increase with the end of summer vacation and approaching holiday season.
DHAs are brute force attempts by spammers to hijack and steal an enterprise's entire email directory, which is then used to launch junk email attacks against corporate email servers. In a DHA, an attacker unleashes a program that guesses at possible email addresses within a domain and attempts to send messages to those addresses. The server rejects requests intended for addresses that don't exist. By the process of elimination, the addresses it doesn't reject are deemed valid, and the program can add them to a spammer's databases. The result isn't just more spam. An aggressive DHA can place such intense demands on a server that it mimics a denial of service (DoS) attack and slows legitimate email delivery.
In August, the highest level of DHAs originated from a number of global regions including Seoul, Korea; Sao Paulo, Brazil; Beijing, China; Taipei, Taiwan; Tokyo, Japan; Mittelfranken, Germany; Calgary, Canada; and Herndon, Virginia.
"We have historically seen increased malicious connection activity during the end of summer and approaching winter holiday seasons. This increase may be a signal that hackers are getting an early start trying to obtain legitimate email addresses in order to launch spam, phishing and virus attacks," said Scott Petry, founder, chief technical officer and executive vice president of product development at Postini. "With our patented Sender Behavior Analysis technology, which protects email based on the observed behavior of source IPs, Postini can thwart directory harvest, denial of service and other debilitating attacks that may be launched, before they ever reach corporate networks, thereby safeguarding the 36,000 businesses and ten million end users using our services."
Postini also noted a continued increase in encrypted email traffic for August, processing nearly 400 million encrypted messages.
Postini's PREEMPT™ technology blocked 23 million inbound viruses for August, 0.45 percent of all email scanned for the month. Postini also blocked seven billion spam messages, an average of 78 percent of all email scanned for the month.
The top five viruses for August were:
| Virus Name | Quantity Blocked |
| netsky | 4,153,496 |
| bagle | 3,192,394 |
| mytob | 3,048,734 |
| mime | 2,441,628 |
| mydoom | 1,582,680 |
Postini's StatTrak™ is available at www.postini.com/stats and provides the most up-to-date statistics on the latest viruses, spam and DHAs.
About Postini
Postini is the global leader in Integrated Message Management, providing compliance, security, availability, and visibility solutions for corporate email, instant messaging and web. Postini offers a complete suite of services including archiving, spam and virus blocking, content control, encryption, and business continuity. The company's powerful managed services infrastructure seamlessly integrates with customers' environment, providing uncompromising security for more companies than any other provider in the world. Postini's services protect organizations from a wide range of threats, reduce compliance and legal risks, ensure reliable communications, and enable the intelligent management and enforcement of enterprise policies that protect companies' intellectual property, reputations and business relationships. For more information please contact Postini atinfo@postini.com or visit http://www.postini.com.
