Researchers at MessageLabs found that spam messages originating from Google's webmail service doubled last month to reach roughly 2.6 percent of all webmail spam.
MessageLabs believes that this points to a possible breach of Gmail's spam protections, in particular the 'Captcha' system.
Captcha codes are the input boxes in which a user copies a sequence of letters or numbers from an image. The system is designed to prevent spammers registering multiple accounts automatically.
"There are several approaches a spammer can take to defeat a Captcha," said Mark Sunner, chief security analyst at MessageLabs.
"Whether they do so using an algorithm, a 'mechanical Turk' or combination of the two, email providers are feeling the pressure to keep pace but are limited to what a human can realistically solve.
"This is creating ever more doubt about the long-term effectiveness of Captcha as a security mechanism for email services."
A Google spokesperson declined to comment on the MessageLabs report, but did say that the company has taken action against the spammers.
"Fighting spam is a never-ending battle," said the spokesperson. "We disabled these accounts immediately and will continue to do so if they spread."
MessageLabs acknowledged that Gmail is a relatively minor source of spam. While the February boost brought Gmail's total to 2.6 per cent of webmail spam, Yahoo Mail accounts for a whopping 88.7 per cent.
Spammers crack Gmail Captcha codes
By
Shaun Nichols
on Mar 12, 2008 7:28AM
