Spam is back with a vengeance as filters lose effectiveness
WASHINGTON: Most Internet users already know it: spam is on the rise again as the senders of unwanted e-mail advertisements find new ways to circumvent filtering systems.
A study released last month by the security firm Postini found that unwanted messages now account for 91 per cent of all e-mail, and over the past 12 months the daily volume of spam rose by 120 per cent.
A separate report by California-based IronPort Systems concluded that worldwide spam volumes increased from 31 billion messages daily in October 2005 to 61 billion messages per day in October 2006.
Security experts cite two key reasons for the surge, which has come after a brief respite in which spam appeared to be stabilizing.
First, spammers are using massive networks of hijacked computers called “bot-nets” to send the e-mails. Postini said more than one million infected computers are being used for spam and virus attacks each day, with 50,000 or more active at any instant.
Secondly, spammers are using more sophisticated techniques to get around filters, notably the use of “image spam”. “This dramatic rise in spam attacks on corporate networks has the Internet under a state of siege,” said Daniel Druker, executive vice president of marketing at Postini.
“Spammers are increasingly aggressive and sophisticated in their techniques, and protection from spam has become a front-burner issue again.
Spam has evolved from a tool for nuisance hackers and annoying marketers to one for criminal enterprises.” Image spam reached a new high of 25 per cent of total spam volume in October 2006, an increase of 421 per cent in a year, according to IronPort.
Paul Judge, chief technology officer of Secure Computing Corp, said filters that use key text words, mathematical analysis or even optical recognition have become less effective against the newest spam.
“Spammers are using advanced mathematical and graphical techniques like random modification of image pixels and dynamic construction of images from multiple components to bypass spam filtering tools,” he said.
Spam can reap profits for the senders in a variety of ways. The messages can simply offer a product for sale, such as Viagra or other pharmaceuticals; they can include fraudulent pitches for money or direct users to a fake “phishing” website to glean financial information or passwords; or they can include attachments that will infect computers, allowing them to be used to relay more spam.
Security group PandaLabs says a major new type of spam aims to push sales of stocks in a certain company.
“The objective of this attack is to push up these stock prices,” PandaLabs said, saying the messages appear to be coordinated to boost a particular share price to make profits.
“It is more than likely that the creator of these messages has bought these stocks for cheap and aims to make a quick profit by pushing the value up,” said Luis Corrons, director of PandaLabs.—AFP
