MP3 Music Files, Another Progress in Spamming Techniques
Although getting smaller in size, the Storm Worm botnet still manages to push out massive amount of spam. Recently in October, it dispatched 15 Million audio spam mails to consumers' mailboxes, said MessageLabs, leading provider of anti-spam products.
The company for e-mail security, MessageLabs, has issued a warning to users in its October 2007 Intelligence Report to be wary of spammers who innovatively include audio attachment in unsolicited e-mails as they turn away from text attachments.
Currently, spammers are introducing MP3 music files in their messages as a way to bypass filter defenses. MessageLabs has estimated that around 15 Million stock spam mails, apparently carrying MP3 music files, were delivered to users' inboxes. The file names were Britney.mp3, beatles.mp3, and elvis.mp3 taken after renowned recording artists.
The much known pump-and-dump or penny stock scam uses a way to push up stock prices to provide spammers an opportunity to make quick money after dumping the stocks at the artificial rates. spammers using this kind of scam have been sending out messages with Excel and .pdf attachments during the recent past.
However, in the new stock spam scam, as users open the .mp3 files, they hear not any serene music but crude sounding 'voice over' for 25 seconds that encourage them to purchase a company's shares. The files are set at a low size of 50 KB so that they can evade detection by spam filters.
Chief Security Analyst Mark Sunner for MessageLabs said that the MP3-styled spam is a natural evolution from Excel and PDF-styled junk e-mails that prevailed over the past months this year. ZDNet reported this on October 30, 2007. Like always, when users would get familiar with the MP3 attachments, scammers will find a yet new tactic.
The trend of such progression indicates the innovative nature of spammers. As image-based spam move out from attachments in e-mails to graphics on free sites, it would not be long when spammers would employ similar approach to audio-styled spam to send their message through free sites like MySpace, Google Video, or other media sites hosting various types of media content while competing in the market.
Related article: MoAB Disclose Two Bugs On Two Successive Days
» SPAMfighter News - 16-11-2007
We are happy to see you are reading our IT Security News.