Cyber Miscreants Overcome CAPTCHA Hurdle to Increase Spam

Web security provider, MessageLabs, announced on March 6, 2008 that spam analysis for February 2008 has revealed that up to 4.6% of total spam was sourced from Web mail services. Additionally, G-mail-based spam increased by double from 1.3% in January 2008 to 2.6% in February 2008 and the increased spam mainly promoted Websites containing adult material.

MessageLabs also pointed out that Yahoo! Mail accounts sent and received the maximum amount of spam with 88.7% of total Web mail related spam originating from the mail service.

In the recent times, hackers have been employing new techniques to enable them to escape from spam detection. One of them involves the anti-spam CAPTCHA system. This mechanism is designed to remove automated tools for signing up that spammers have started to use. The automated tools' elimination is possible because CAPTCHA requires carrying out a task, which only a human can do manually.

Once hackers devise a computational solution with a 20%-30% rate of success, they can create any number of e-mail accounts by using botnets and then push out spam or phishing e-mails from those accounts.

According to Chief Security Analysts at MessageLabs, Mark Sunner, spammers know a number of approaches to beat the CAPTCHA system putting pressure on e-mail service providers to cope with the spammers, as reported by Marketwire on March 6, 2008.

MessageLabs also indicated that during February 2008, targeted attacks with Trojan programs increased to around 30 each day, a rise of about 200% since 2007 ended. These attacks concentrate on specific targets in small numbers.

In one particular incident during February 2008, around 900 trojans targeted at reputed senior company executives globally. The attack used multiple vectors including malicious downloads and compromised Websites.

In fact, MessageLabs observed that businesses blocked Websites to a significant number in February 2008, an increase by 12.9% from January 2008. Businesses block unclassified sites to protect themselves from both existing and new threats.

Another driving force in spamming activity during February 2008 has been the notorious Storm botnet. The malware simultaneously increased its activity to compromise computers by crafting over 96% of malware-laced e-mails leading to malicious Websites.

Related article: Cyber Child abuser Sentenced To Imprisonment

» SPAMfighter News - 3/13/2008