Symantec - Spammers Employing Traditional Techniques
Security researchers at Symantec state that spammers have not discarded their old methods. Actually, in a wave of latest malware and spam crusades, spammers have revised and combined two oldest and commonly used topics.
Symantec experts inform that they have observed the coming back of spam mails which hide their malicious content in HTML code embedded in the form of mail attachments. It is a known obfuscation technique which has been discarded in favor of other methods such as image spam.
Symantec also reveals that the image spam, responsible for the major increase in spam activity during May 2009, became even more constant in June 2009, accounting for between 8% and 10% of the total spam detected by the security vendor.
Moreover, it claims that spammers are coming back to the world's most primitive and unconventional social engineering technique of spamming. As per the security experts, several new spates of HTML spam harbor and '419 money laundering schemes', aka Nigerian scams are making their mark.
This method starts with simple phishing attacks, trailed by various URL encoding of HTML code. Symantec declares that it has also noticed that this method is employed in mail harvesting attacks.
Actually, what they fear is that these spam attacks will probably follow ever more diverse strategies in times to come as spammers are collectively working to advance their attack vectors.
It is learnt that some sample names of the attached HTML file identified by Symantec include- View the attached.htm, My shared file.htm and Truth of the matter.htm amongst others which are presently being used by spammers in their spam movements.
Mayur Kulkarni, Researcher at Symantec, claims that spammers do not have to discover new methods to enter user's inbox. They can very well use the existing method with even better results, as reported by securitywatch.eweek on July 7, 2009.
Lastly, the security vendor has asked users that they should not carelessly open any attachments particularly when it is sent by an unknown sender. With 419 spam mails, email users are suggested not to reply fake appeals and do not show interest in any of the money making plans.
» SPAMfighter News - 20-07-2009