Spam is increasing at an alarming rate and spammers are consistently
developing new malicious techniques to spread it.
For years, businesses have been vigilant in deploying anti-spam technologies that protect their networks and productivity levels, but today, spam remains an
enormous problem and instead of becoming a deterrence, anti-spam technologies have opened the flood gates for spammers to flaunt their creative flare.
Looking back at the first six months of the year, spammers preyed on popular current events, capitalised on the economic slowdown, petrol prices and natural disasters including those in China and Burma in order to harvest personal information, according to Symantec’s June State of Spam report.
Commenting on the torrent of spam related to the economic slowdown, Secure Computing said the lure of loan officers telling people they are clicks away from financial freedom draws people into clicking on links that can lead them
to a Trojan-infected workstation.
Also, the vendor noted that penny stock spam or “pump and dump” spam, sent in
June, applied a more accurate technique which included using stock symbols that
were closer to legitimate acronyms than those previously seen in the field.
In terms of other techniques, the most notable trend, according to security
vendor Proofpoint included a resurgence in text-based spam. Proofpoint said
text-based spam has so far reached 70 percent of all spam this year, compared
to 20 percent for the same period of 2007.
Image spam continued its decline and dropped to three percent, compared to
60 percent last year.
Trend Micro’s recent Threat Roundup report found spam volumes will continue
to rise exponentially, with average daily spam volumes predicted to increase by
30 to 50 billion messages per day.
Botnets are a contributing factor, according to experts. “Botnets continue to proliferate and are by far the dominant source of spam,” said Gerry Tucker, regional head for Proofpoint in APAC.
Chia Wing Fei, security response team manager at F-Secure’s Malaysian headquarters, said botnets are still the biggest problem for security vendors today.
“To this day we’re still trying to figure out how to shut down a botnet system like Storm. [But] the money is good, it’s in the millions,” he said, while explaining the key drivers for surging spam.
Looking ahead, next month spam and phishing will rise to correspond with the
Beijing Olympic Games.
According to MessageLabs, the vendor had already intercepted 13 separate
Olympic-themed attacks between November 2007 and April 2008.
The messaging security vendor warned of legitimate-sounding email subject titles such as “The Beijing 2008 Torch Relay” or other attacks purported to be from the International Olympic Committee.
Once the Games are over, spammers will commence a new theme; their next plan
of action: the US Presidential election.
Election-motivated content and the names of popular candidates including Barack Obama, Hillary Clinton and John McCain are set to be exploited, warned
security vendor BitDefender.
“As we move forward towards the election we’re going to see an increased volume of spam with this sort of content,” said Mihai Rusescu, business unit manager EMEA & APAC Business Unit at BitDefender.
Already in February, Symantec discovered a spam message with the subject line “Hillary Clinton Full Video !!!. After clicking on a link the malicious
Trojan .Srizbi will attempt to be installed.
“The high volumes of email associated with today’s spam attacks can escalate the number of inbound messages between 500 percent and 700 percent within hours.
This sudden, exponential growth in spam volumes can easily strain IT network
infrastructure to the point of failure,” said Proofpoint’s Tucker.
Spam’s annoying reign lingers on
By Negar Salek on Aug 6, 2008 3:10PM