Spam, Phishing, Zombies Expand Reach, Wits
If you are connected to the
Internet you most likely have an e-mail address and have (or constantly
have) received spam. The problem will only grow more troublesom say the
experts. Spam attacks and particularly image spam and zombie-generated
spam grew in the third quarter of 2006 according to both Commtouch
Software Ltd., and MessageLabs.
Some 3.5 million attacks per day became the new measure of spam
achievement. Image spam increased in number and severity during the
quarter, accounting for 50 percent of all spam during its peak
distribution time, Commtouch reported. The figure is up from 30 percent
in the second quarter.
MessageLabs, a provider of integrated messaging and web security
services, observed new spam techniques to circumvent traditional IT
security and the sharp increase in phishing attacks which accounted for
more than half of all the malicious e-mails intercepted by MessageLabs
in September 2006.
Legitimate marketing professionals however are often innocent victims
of spam filters, and rely upon information sharing via e-mail. TRUSTe
recommends some steps marketers must take in today's spam weary
environment and the organization published its recommendations for free
online. TRUSTe's advice follows later in this story.
Commtouch analyzes distribution patterns of billions of e-mail messages
in order to develop a block against phishing attempts and image-based
spam. It noted that image-spammers added new complexity recently by
incorporating animated images distributed on a massive scale for the
Animated image spam typically weighs 44KB or eight times the size of
regular text spam. Based upon Commtouch’s analysis, on average,
image-based spam accounts for 20 percent of all spam leading to twice
the required total bandwidth consumption and redundant storage
necessary since the first of 2006.
"The bandwidth and storage requirements of such resource-intensive spam
weighs heavily on most IT organizations," said Amir Lev, Commtouch’s
"In addition to the sheer size of each individual message, the spam
messages are sent in enormous quantities, which can overload an
enterprise if it is not using an anti-spam engine that knows how to
identify and block them," Lev said.
Spammers have begun using images in PNG format, where previously they
were using only GIF images. This is another method to try to bypass
anti-spam filters Commtouch reported.
MessageLabs noted how spammers are evolving to incorporate groups of
individuals by class, keyword, or industry. Recently the firm has
experienced a spike in geek spam. This type of spam includes
technology-related keywords within the e-mail to dupe recipients into
believing that the spam is relevant. This targeted approach, using
hidden keywords, can help to pollute the Bayesian filters often
used by technology professionals.
The use of technology buzzwords, such as .NET, cpan, xss and Java,
hidden inside the body of the spam can ensure that the e-mail looks
convincing enough for limited anti-spam software to allow it through.
"Cyber-criminals continue to seek new and more subversive means to
launch their attacks," said Mark Sunner, CTO of MessageLabs. "Geek spam
is yet another way that the bad guys are evolving their methods and we
expect to see an increase in other similarly targeted spam, such as
accountants and by using financial terminology."
Zombie networks or ‘botnets’ have grown in size and severity throughout
the quarter. Commtouch research also identified hundreds of thousands
of newly activated zombie machines each day throughout the third
quarter. Zombies are typically compromised home computers with a
broadband connection to the Internet. Commtouch research identified
that on average, 85 percent of spam messages sent during the third
quarter of 2006 were sent via zombie-infected computers.
"Zombie networks are impossible to block out by traditional
‘blacklisting’ since they are constantly changing," Lev said. "They are
like the fireflies of the spam universe – the zombie is born when the
computer gets infected by rogue software, but it only remains active
for a short time from the same IP address. Only a real-time detection
engine can provide effective protection against zombie-generated spam
If your inbox is full of "penny stock" advertisements -- Commtouch
reports you are not alone. Stock scams are tailor-made for image-based
spam, since they do not require any hyperlinks to spammer websites,
instead simply directing the reader to purchase the stock.
Other popular spam messages included pharmaceuticals (27 percent,)
stock (18 percent,) sex enhancers (12 percent,) finance, work from
home, mortgage, (11 percent,) gambling (11 percent,) pornography (6
percent,) and other at 15 percent.
Phishing, or the term used to describe attempted fraud via email, is
rising with great speed. Commtouch research concluded that during
the third quarter, nearly half of all phishing attempts preyed on
account holders in eBay or Paypal, divided nearly equally between the
two (24 percent on eBay, 24 percent on Paypal.)
Phishing email messages typically use social engineering tactics to
make the reader believe that they are viewing a legitimate
communication from a financial institution. Then users are lured into
providing their usernames and passwords by logging in to the fictitious
site, which they access by clicking a hyperlink in the email.
"Regardless of the anti-spam legislation in effect in many countries,
we see that the spam problem is getting worse with each passing day,"
said Lev. "Double-digit percentages of image-based spam, enormous
zombie spam networks, growth in phishing attempts -- all point to the
fact that legislation alone can never solve the problem. The answer is
rooted in technology-based filtering and blocking."
When new forms of spam are added to existing phishing attacks and an
augmented focus on banks --who have not adopted new security
technology-- the end user is increasingly more exposed to complex
and well engineered attacks Sunner said.
When judged as a proportion of all email-borne threats such as viruses
and trojans, the number of phishing emails has risen by 21.7 percent,
now accounting for 52.4 percent of all the malicious emails intercepted
MessageLabs research reported that phishing attacks continue to become
more targeted as criminal groups shift their attention from creating
malware to attacking banking organizations not yet protected by
two-factor authentication security measures.
Banking organizations with protective technology are being attacked,
but on a much lesser scale MessageLabs reported. These increased
attacks are perhaps due to the release of Microsoft Internet Explorer
7.0, which will include additional anti-phishing countermeasures.
GLOBAL RATES OF SPAM
MessageLabs puts the global ration of spam in September at 64.4 percent
of sent messages, up 0.1 percent from August. "This is indicative that
spam is not going away, and that concentrations are expected to
increase again in coming months as spammers continue to adopt new
techniques," the company reported.
The good news though is that viruses and trojans have declined since
the beginning of 2006 and in the third quarter the rate was much lower
than third quarter of 2005.
MessageLabs research indicates that bots are increasing in number and
distribution, particularly in South America countries, where the use of
bots to distribute bank trojans and phishing scams has now escalated to
such a degree as to make them the new “419-scam” of the region.
Israel was the world's top target of spam, representing 74 percent of
all e-mail traffic. Ireland recorded the highest increase in spam (1.7
percent) to 64.2 percent of all e-mails. If you live in India your spam
figures are the world's lowest at 25 percent. Australia was the least
affected virus country in September with a drop of nearly 1 percent
followed by Belgium with a rate of 1 in 102 viruses during September,
according to MessageLabs research.
HELP FOR MARKETERS
Spam of course has now become the reason everyone questions whether or
not their "innocent yet important" e-mail was received by the one
intended and not tossed by a spam filter before reaching its
Non-profit online privacy organization TRUSTe along with Epsilon are
helping marketing services firms assure successful e-mail communication
"As the e-mail landscape continues to evolve toward increased end-user
control, maximizing marketing ROI will require a commitment to
understanding and catering to consumer preferences," said Fran Maier,
executive director of TRUSTe.
"In ‘Your Customers Hold the Key to Deliverability,’ report TRUSTe and
Epsilon provide marketers of all sizes with practical advice that will
help them ensure mutually-beneficial, long-lasting and respectful email
dialogs with their customers."
TRUSTe's report, which is free for download, (copy and paste the
link: www.truste.org/whitepaper ) was designed to help
businesses assure successfully delivery and optimal response from their
permission-based e-mail communication efforts.
The guide also provides hands-on advice for marketers seeking to avoid
and reduce spam complaints. Spam complaints are increasingly playing a
role in ISP anti-spam filtering policies, white listing programs, and
emerging accreditation and reputation solutions, and have the potential
to impact marketers’ ability to successfully deliver e-mail.
Michael Della Penna, CMO of Epsilon, said that marketers must
understand ISP policies and those of their own customers. "The
importance of taking a customer-centric approach to your e-mail
communications and employing industry best practices is essential to
not only reducing complaints and improving delivery, but also to
optimizing customer relationships and growing marketing ROI."
TRUSTe's guide recommends the sender must provide clear and conspicuous
notice, host a website to enable customers to modify e-mail settings,
and establish feedback loops with participating ISPs, and to closely
monitor short and long-term spam complaint trends.
content is copyrighted by
Ask, reproduction of any kind is not permitted without written