Threats from ZIP, Excel & PDF Spam Persist
Internet Security Company SonicWALL Inc. collected data from its Smart Network database of more than 1.3 Million e-mail users to show that the volume of viruses, spam, and phishing attacks were continuously increasing. There was also an increase in the delivery of PDF spam, while ZIP and Excel spam has also emerged.
SonicWALL found that PDF spam was a persistent threat in the second quarter of 2007. These spam mails are typically without any or little text in the main message but have a PDF file attachment. The message usually promotes a drug or stock. The attachment has a malicious code and on opening it, the malware automatically downloads itself onto the victim's computer. According to SonicWALL, as spammers widely adopt PDF spam, it represents the new techniques they are finding to counter spam prevention measures.
PDF spam explains the ongoing innovation in spam mechanisms that try to beat anti-spam detection and lure users into opening e-mails that seemingly appear as regular business letters, said Andrew Klein, senior product manager for E-mail Security division of SonicWALL. CNN Money published Klein's statement on August 13, 2007.
The effectiveness of PDF spam lies in the fact that businesses are considering PDF as the most acceptable way for transferring information. As in phishing e-mails, here too, spammers manipulate the trust factor of consumers, to slip past both psychological and technical defenses, Klein added.
SonicWALL has also detected a growing volume of ZIP and Excel type spam in recent times. These spam also use the trust premise and manage to succeed by imitating legitimate correspondence and by convincing more recipients about the e-mail.
Klein explained how spammers mimic the behavior of people sending legitimate ZIP or PDF documents without including any message or just put a note "Here it is". When this happens, it is hard to point out to e-mail users how to recognize the genuine e-mails from the bogus ones. So if a user gets a PDF type spam mail in his/her inbox, there are high chances that the person would open it than if it were a traditional spam mail.
» SPAMfighter News - 31-08-2007