Spam Volumes Going From Bad to Worse
Spam volumes are once again increasing and spam vendors seem to be fueling it this time. This allegation is leveled by Google, which revealed some astonishing new spam statistics on August 12, 2008.
Sundar Raghavan, Product-Marketing Manager in the Google Apps Security & Compliance team, said that the increase in the amount of spam depends on time of the year and one such increase was seen in July, as reported by internetnews on August 12, 2008.
Raghavan further said that during July-August 2008, his team began observing an extremely interesting trend related to the sophistication and volume of incoming e-mail threats. According to him, around July 20, his team saw a spoofed UPS tracking e-mail being sent out and these e-mails continued to flow till they reached a peak of 10 Million on July 24.
Moreover, such a volume, about 6-7 times of the normal amount, indicates that spam mails are being able to penetrate users' defenses and converting their systems into zombies.
According to Google, despite the protection it delivers to e-mail messages from the Internet overcast, anti-spam hardware mechanisms that fail to update on time might be another reason for malicious e-mails to successfully attack inboxes.
Also, a lot of unsolicited e-mails observed by Google are crafted to take advantage of not operating system and browser flaws, but users' inquisitiveness. Thus, spam mails now appear as spoofed CNN newsletters with links that lure user with descriptions like "Microsoft Bribes Chinese Officials." And, if these links are clicked, they install malware in the system.
Google has also observed a rise in e-mails that carry viruses hidden as encrypted .RAR attachments, in spite of an overall decline in malevolent attachments. XSS (Cross-Site Scripting) messages, typically generic in nature, have been circulating for sometime while spammers have found a way to use latest titles as lure and also change the underlying web link.
Similarly, Marshal, an e-mail security firm, also issued its report on Internet security for the first six months of 2008 on August 12, 2008 in which it said that the spam had doubled in volume.
Related article: Spam Scam Bags a Scottish Connection
» SPAMfighter News - 25-08-2008