Spammers Trying Out FDF File Attachments
Spammers are experimenting with file attachments of a new format as they continue search for newer ways to escape their spam messages past filters or traps set for junk e-mails.
According to warnings by security companies, PDF spam is not only on the rise, but spammers have begun to use other formats related to it to promote their products. Moving ahead from unsolicited e-mails containing PDF or image attachments, users are now forced to accept spam mails in the Forms Data Format or FDF.
FDF, which is a subset of PDF, is something Adobe uses to export data out from PDF form fields. FDF format used as attachments in spam messages is capable of slipping past spam filters on the basis of file extensions. Research has shown that Acrobat or other PDF reader suites can read FDF files that have the same content as in pump-and-dump spams. spammers are putting this in their messages as their most recent effort to get around filtering systems.
Security companies for enterprises are observing a greater number of attachment-based junk e-mails. Symantec's latest figures show that the image spam is fading out, although not disappearing completely, declining from a peak of 52% in January 2007 to 8% in July. Even after considering the general suspects of Excel and PDF attachments, the report of first detection of FDF-based spam was from security vendor McAfee. McAfee reports that spammers have begun to put the FDF style attachments to their message.
Ron O'Brien, a senior security analyst at Sophos, agreed and said that the firm has seen a substantial amount of mails in FDF files, over the weekend. PC World published O'Brien's statement on August 13, 2007.
Following on the same line as of recent PDF spam scams, the FDF spam that the Finnish Internet security firm F-Secure intercepted, gambles "get rich quick" schemes in stock spam. According to F-Secure, there is no time that is right to invest following such pump and dump bids. As for the present time, it is particularly bad, when the global stock markets fell the second week of August 2007.
Related article: Spammers Continue their Campaigns Successfully
» SPAMfighter News - 30-08-2007