resource center
  See your link here
|
IDG News Service - Spam is again on the rise, led by a flood of junk images that spammers have crafted over the past few months to trick e-mail filters, according to security vendors.
Called "image-based" spam, these junk images typically do not contain any text, making it harder for filters that look for known URLs or suspicious words to block them.
Instead of a typed message, users will see only an embedded .gif or .jpeg image file urging them to buy pharmaceuticals or invest in penny stocks.
Antispam vendor Cloudmark Inc. says that half of the incoming spam is now image-based on the "honeypot" systems it puts out on the Internet to lure spammers. "About a year-and-a-half ago we started seeing a little bit of it, but it wasn't until the past six months that it became a serious issue for many antispam companies," said Adam O'Donnell, a senior research scientist with the company.
Image-based spam has jumped from about 1% of all spam messages in June 2005 to around 12% today, according to Craig Sprosts, senior product manager with IronPort Systems Inc.
Its growth is helping to fuel a global resurgence in spamming, Sprosts said.
The total number of spam messages sent daily is up 40% since April, Sprosts said. Much of this new spam is coming from a "relatively small group of spammers with control over very large zombie networks," of hijacked computers, he said.
Spammers now generate an estimated 55 billion messages per day, according to IronPort. A year ago that number was 30 billion e-mail messages per day.
The combination of greater volume and better techniques has meant more complaints for network administrators.
Administrators at Avnet Inc. have started stripping certain embedded image files out of all messages, after seeing an uptick in image-based spam two months ago, said Rob Kudray, manager of messaging services with the computer distributor.
One other tactic that is helping keep in-boxes full is the spammers' practice of constantly registering new domains. Of the 35 million domains registered in April, 32 million were never paid for and expired after five days, Sprosts said. He believes that many of those domains were used by spammers to send out their unsolicited e-mail during that five-day grace period.
This technique makes it very difficult to blacklist e-mail based on the URLs it contains. "Traditional blacklists and whitelist approaches just can't keep up with how fast they're registering new domains and changing the URLs in the e-mail," Sprosts said.
IDG.net
Share our Strength
Download Now
Extending Client Refresh - 11 Steps to Maximize Savings
Register Now!
Can Heuristic Technology Help Your Company Fight Viruses?
What is Heuristic Technology and how can it help safeguard your business against viruses? Learn more.
Lower the Cost and Complexity of a Mobile Workforce through Automation
Download This Resource Now!
Eradicate Spam & Gain 100% Asurance of Clean Mailboxes
Get this paper now!
Managing Mobility: Improve Data Security, Compliance and Manageability
Download This Resource Now!
Mastering eDiscovery: The IT Manager's Guide to Preservation, Protection & Production
Get this paper now!
Consolidate Your Servers and Storage to Lower Costs with Oracle Database 11g
Register for this webcast!
Not Just Words: Enforce Your Email and Web Acceptable Usage Policies
Get this paper now!
The Commercialization of ITIL: Lessons Learned
Register for this event today!
Sign up to receive updates on the latest Security resources
CIO
Computerworld
CSO
DEMO
GamePro
Games.net
IDC
IDG
IDG Connect
IDG Knowledge Hub
IDG TechNetwork
IDG Ventures
IDG.net
InfoWorld
ITwhitepapers
ITworld
JavaWorld
LinuxWorld
Macworld
Network World
PC World
The Industry Standard
Copyright © 1994 - 2009 Computerworld Inc. All
rights reserved. Reproduction in whole or in part in any form or medium
without express written permission ofComputerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc. |
