resource center
  See your link here
|
IDG News Service - Spam is again on the rise, led by a flood of junk images that spammers have crafted over the past few months to trick e-mail filters, according to security vendors.
Called "image-based" spam, these junk images typically do not contain any text, making it harder for filters that look for known URLs or suspicious words to block them.
Instead of a typed message, users will see only an embedded .gif or .jpeg image file urging them to buy pharmaceuticals or invest in penny stocks.
Antispam vendor Cloudmark Inc. says that half of the incoming spam is now image-based on the "honeypot" systems it puts out on the Internet to lure spammers. "About a year-and-a-half ago we started seeing a little bit of it, but it wasn't until the past six months that it became a serious issue for many antispam companies," said Adam O'Donnell, a senior research scientist with the company.
Image-based spam has jumped from about 1% of all spam messages in June 2005 to around 12% today, according to Craig Sprosts, senior product manager with IronPort Systems Inc.
Its growth is helping to fuel a global resurgence in spamming, Sprosts said.
The total number of spam messages sent daily is up 40% since April, Sprosts said. Much of this new spam is coming from a "relatively small group of spammers with control over very large zombie networks," of hijacked computers, he said.
Spammers now generate an estimated 55 billion messages per day, according to IronPort. A year ago that number was 30 billion e-mail messages per day.
The combination of greater volume and better techniques has meant more complaints for network administrators.
Administrators at Avnet Inc. have started stripping certain embedded image files out of all messages, after seeing an uptick in image-based spam two months ago, said Rob Kudray, manager of messaging services with the computer distributor.
One other tactic that is helping keep in-boxes full is the spammers' practice of constantly registering new domains. Of the 35 million domains registered in April, 32 million were never paid for and expired after five days, Sprosts said. He believes that many of those domains were used by spammers to send out their unsolicited e-mail during that five-day grace period.
This technique makes it very difficult to blacklist e-mail based on the URLs it contains. "Traditional blacklists and whitelist approaches just can't keep up with how fast they're registering new domains and changing the URLs in the e-mail," Sprosts said.
IDG.net
The Tangled Web: Silent Threats & Invisible Enemies
Download Now
Can Heuristic Technology Help Your Company Fight Viruses?
What is Heuristic Technology and how can it help safeguard your business against viruses? Learn more.
Best Practices for Log Monitoring
Watch Now!
US Military Command Prevents Zero Day Attack with Application Whitelisting
Download this Whitepaper Today!
Data in Action: Making the Planet Smarter
Register Now
Employee Web Use and Misuse
Download this new White Paper today!
The Workday User Experience Video
Watch Workday's Creative Director, Scott Lietzke, discuss the business-centered design philosophy at Workday.
Get More from Your IT Budget
Download this new white paper today!
Business Process Framework Demo
Learn about Configurable Business Processes and Calculated Fields. Watch Now!
Sign up to receive updates on the latest Security resources
CIO
Computerworld
CSO
DEMO
GamePro
Games.net
IDC
IDG
IDG Connect
IDG Knowledge Hub
IDG TechNetwork
IDG Ventures
IDG.net
InfoWorld
ITwhitepapers
ITworld
JavaWorld
LinuxWorld
Macworld
Network World
PC World
The Industry Standard
Copyright © 1994 - 2010 Computerworld Inc. All
rights reserved. Reproduction in whole or in part in any form or medium
without express written permission ofComputerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc. |
