Spammers Encrypt Attachments in E-Mails to Beat Filters
Spammers have sharpened their techniques by encrypting e-mail attachments to beat filtering systems, service provider E-mail Systems reported.
The technique works because many anti-spam solutions can't scan e-mails that have encrypted or password-protected attachments, and so fail to recognize illegitimate e-mails. Unable to block such malicious attachments, the system allows the e-mails to reach recipients' inboxes, which is a victory for spammers striving to get their spam through.
In the past few weeks, E-mail Systems spotted a small, steady flow of such spam originating from compromised bots. The messages contained the pervasive 'Storm' Trojan that afflicted Internet users early this year.
The virus industry has stepped up another change in its techniques, said Greg Miller, marketing director at E-mail Systems. PC PRO reported this on April 30, 2007. There has been a drop-off in e-mails delivering viruses in 2006. Virus writers are now cleverer because they know smart ways to hide viruses.
Recipients tend to inadvertently unzip the file containing the Trojan using an encrypted password. They are lured into doing this by various attractive subject lines such as 'Virus Detected!', 'Worm Detected!', 'Spyware Alert!' and 'Warning!'.
These virus-laden attachments sound even more convincing because they have come through the IT department's protective systems, said Miller. Users think them safe to open since they have passed through anti-virus programs, he said.
With anti-spam systems adapting to popular techniques like image spam, criminals are seeking to engineer further stealth into their spam.
Last Christmas, a massive hike in spam volumes flooded inboxes, with spammers hoping they would trap people that way, said Miller. This was another form in the vast range of spam methods.
In recent weeks, Miller said, E-mail Systems isolated hundreds of thousands of such spam mails compared to tens of thousands in 2007.
Although these encrypted file attachments are currently easy to detect by their file size of 77 KB, spammers can vary the size in future. So the best approach will be to have a system that won't permit encrypted e-mails to pass through.
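As an illustration of the policy described above (an added example, not code from E-mail Systems or the original article), the sketch below flags ZIP attachments by the encryption bit in their headers rather than by size. It covers ZIP archives only; the function names, addresses and sample message are constructed for the example.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

ENCRYPTED_FLAG = 0x1  # ZIP general-purpose flag bit 0: entry is encrypted


def encrypted_zip_members(data: bytes) -> list[str]:
    """Return names of encrypted entries; only headers are read, no password needed."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return [i.filename for i in zf.infolist() if i.flag_bits & ENCRYPTED_FLAG]
    except zipfile.BadZipFile:
        return []


def encrypted_zip_attachments(raw_message: bytes) -> list[tuple[str, list[str]]]:
    """List (attachment name, encrypted members) for every encrypted ZIP attached."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.iter_attachments():
        payload = part.get_payload(decode=True) or b""
        # Decide by content (ZIP magic bytes), not by file extension or size.
        if payload.startswith(b"PK\x03\x04"):
            members = encrypted_zip_members(payload)
            if members:
                hits.append((part.get_filename() or "(unnamed)", members))
    return hits


def build_sample(encrypted: bool) -> bytes:
    """Constructed test message: a one-file ZIP, optionally flagged as encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("patch.txt", "constructed sample content")
    blob = bytearray(buf.getvalue())
    if encrypted:
        blob[6] |= ENCRYPTED_FLAG                              # local file header flags
        blob[blob.rfind(b"PK\x01\x02") + 8] |= ENCRYPTED_FLAG  # central directory flags
    msg = EmailMessage()
    msg["Subject"] = "Virus Detected!"
    msg["From"], msg["To"] = "sender@example.com", "user@example.com"
    msg.set_content("See attachment.")
    msg.add_attachment(bytes(blob), maintype="application", subtype="zip",
                       filename="patch.zip")
    return msg.as_bytes()
```

A gateway would quarantine or reject any message for which `encrypted_zip_attachments` returns a non-empty list, regardless of the attachment's size.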
» SPAMfighter News - 10-05-2007