
This means that the attackers are often one step ahead of protection software.
Geoff Sweeney, chief technology officer at Tier-3, a behavioural analysis IT security firm, echoed the remarks.
"Self-changing code designed to dynamically evade recognition is a fact of life," he said. "It automatically adapts to the anti-spam and anti-malware engines that it encounters."
Unfortunately the know-how and construction kits used to create this shape-shifting threat are now readily available and are unleashing a wave of malware based on social engineering techniques.
"Highly targeted emails containing personalised information and shape-shifting Trojan attachments are the latest development," said Sweeney.
"Each positive infection increases the 'hit rate' for the next wave of emails sent out by the self-learning automated engines used by sophisticated attackers."
Sweeney believes that a non rules-based monitoring process must be set up to defend all ingress and egress points covering SMTP, DNS, HTTP(s), IM etc.
"Once this is in place, defence against shape-shifting threats becomes possible as does the removal of any previously established covert data leakage channels that will be revealed and dealt with," he said.