New Personalized Spam Can Well Escape Spam Filters

Traditional spam is easy to catch but not personalized spam. They would crawl through even the most recent of anti-spam filtering programs.

Mass mailing practitioners will replace spammers within a period of less than one year. They will send out e-mails en-masse with personalized subject lines, which enhances the incidents of users opening the message.

Canadian researchers have designed software that creates 'personalized' spam messages from scanned legitimate e-mails. It is, therefore, possible that spammers begin using such techniques and write messages that would pass through spam filters.

Spammers hijack personal computers with computer viruses and send large volumes of spam from them. These 'zombie' machines are made to generate millions of unsolicited messages campaigning different items to addresses accumulated by 'Web-trawling' programs.

Personalized spam is based on factors such as vocabulary, length of individual lines, use of upper caps, signatures, abbreviations, misspellings and the like. The malware installed on a compromised PC writes a 'reply message' to a legitimate e-mail on the computer and adds its own message and attachment or 'hyperlinked' URL in the victim's own style and then sign off in the victim's name. Such e-mail messages are hard to detect and have favorable chances of slipping past a 'single-technology filter' such as the 'Bayesian spam filter' in Mozilla's 'Thunderbird e-mail client'.

Matt Sergeant, senior anti-spam applied scientist , MessageLabs, perceives that this is an experiment for more widely spread spam using same social engineering technique. Sergeant further told vnunet.com that at the end, the spammers would draw data from the same website from where they managed the ids and create subject lines with effective text. There are instances of phishing attacks that harvested personal information from MySpace, a social networking site.

For spam detectors, there are four new defenses to stop the new personalized spam. First, by encrypting e-mail archives, the malware can't mine them for information. Second, the archives can be coated with false information, called 'spam trap addresses'. Third, it is good to view URLs from an e-mail client in "sandboxed" browser that would stop automatic downloads. Finally, viable adjustments of anti-spam filters can help screen these types of attacks.

Related article: New Zealand Releases Code To Reduce Spam

» SPAMfighter News - 10/10/2006