Spam once again on the rise
'Image-based' junk e-mail stumps the filters, for now
IDG News Service - Spam is again on the rise, led by a flood of junk images that spammers have crafted over the past few months to trick e-mail filters, according to security vendors.
Called "image-based" spam, these junk images typically do not contain any text, making it harder for filters that look for known URLs or suspicious words to block them.
Instead of a typed message, users will see only an embedded .gif or .jpeg image file urging them to buy pharmaceuticals or invest in penny stocks.
Antispam vendor Cloudmark Inc. says that half of the incoming spam is now image-based on the "honeypot" systems it puts out on the Internet to lure spammers. "About a year-and-a-half ago we started seeing a little bit of it, but it wasn't until the past six months that it became a serious issue for many antispam companies," said Adam O'Donnell, a senior research scientist with the company.
Image-based spam has jumped from about 1% of all spam messages in June 2005 to around 12% today, according to Craig Sprosts, senior product manager with IronPort Systems Inc.
Its growth is helping to fuel a global resurgence in spamming, Sprosts said.
The total number of spam messages sent daily is up 40% since April, Sprosts said. Much of this new spam is coming from a "relatively small group of spammers with control over very large zombie networks," of hijacked computers, he said.
Spammers now generate an estimated 55 billion messages per day, according to IronPort. A year ago that number was 30 billion e-mail messages per day.
The combination of greater volume and better techniques has meant more complaints for network administrators.
Administrators at Avnet Inc. have started stripping certain embedded image files out of all messages, after seeing an uptick in image-based spam two months ago, said Rob Kudray, manager of messaging services with the computer distributor.
One other tactic that is helping keep in-boxes full is the spammers' practice of constantly registering new domains. Of the 35 million domains registered in April, 32 million were never paid for and expired after five days, Sprosts said. He believes that many of those domains were used by spammers to send out their unsolicited e-mail during that five-day grace period.
This technique makes it very difficult to blacklist e-mail based on the URLs it contains. "Traditional blacklists and whitelist approaches just can't keep up with how fast they're registering new domains and changing the URLs in the e-mail," Sprosts said.
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Advanced Threat Defense: A Comprehensive Approach In this interview, Peter George, president, General Dynamics Fidelis Cybersecurity Solutions, explains why we need more than anti-malware, and what constitutes a comprehensive...
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
- Market Overview: Digital Customer Experience Delivery Platforms Forrester states that businesses today struggle to understand and use the tools necessary to create and manage unified, multichannel digital customer experiences across...
- On-demand webinar - 7 Keys to Service Catalog Implementation Success Watch this webinar to learn 7 crucial keys to make your service catalog a success!
- Transform Your IT Service Management Watch this webinar, to learn how EasyVista can increase IT productivity & efficiency and deliver streamlined & integrated IT Service & Asset Mgmt. All Malware and Vulnerabilities White Papers | Webcasts