Spammers Elude E-Mail Filters by Leveraging Valid Sites
Commtouch report entitled, "2008 E-mail Threats Trend Report", released on April 7, 2008 indicated that over the months of January-March 2008 there has been a growing trend for malware developers and spammers to leverage authentic Websites to get around e-mail filters.
Commtouch's report revealed that malware distributors and spammers made use of various third-party tools in order to make their messages appear legitimate. These tools were embedded images picked up from valid Websites like Flickr, malicious URLs in links within search results, and malicious links or spam injected into transactional content over Hotmail.
According to Rebecca Steinberg Herson, Vice President of Marketing, Commtouch, spammers are effectively masking their messages by using the reference of legitimate sites, as reported by SCmagazine on April 7, 2008.
Herson said that the use of valid sites by spammers could confuse conventional filters. By conventional Herson means those filters that rely mainly on content and assessing e-mails to determine whether the message is good or bad.
The first quarter of 2008 also saw a considerable increase in incidents involving the Blogspot blogging site of Google. Although spammers used Blogspot during 2007, this year they have added another twist to their tactic.
According to Herson, plenty of malicious software is being spread via Blogspot. Attackers are distributing spam mails containing links generated on Blogspot, but these links land the end-users onto malware downloadable sites, especially while browsing with Internet Explorer. Although Google is vigilantly eliminating the malicious links, their generation is so fast that getting free of them becomes hard.
Commtouch's report further revealed that the levels of spam fluctuated throughout the first quarter of 2008 between 60% and 94% of the total e-mail traffic. Also, spammers leveraged high interest rates in mortgages in early 2008 with spam touting mortgage refinancing and rising to 10% during peak spam. On an average during this quarter, 355,000 compromised PCs were activated for the first time every day to use for malicious activity.
Related article: Spammers Continue their Campaigns Successfully
» SPAMfighter News - 14-04-2008