Bounce-back spam sees 2,000 percent spurt
Wednesday, September 16, 2009
The latest hot trend in spam appears to be email messages that spoof non-delivery reports (NDR), the messages users receive when their email bounces back from a non-existent email address or system failure.
Last month, spam messages resembling NDRs exploded by 2,000 percent from the rate of the first six months of the year and made up 20 percent of all spam email in August, according to email security experts at Panda Security.
NDR messages are usually legitimate, but this mail server function is being exploited by spammers using the sender's real name, Panda reported. Spam content is sent as an attachment to the fake NDR.
According to Luis Corrons, technical director of PandaLabs, "there is presently no consensus on whether NDRs are a technique to evade anti-spam filters or a collateral effect of dictionary attacks; either way, this technique is now among the most widely used."
Since most NDRs are legitimate emails and part of the mail server functionality, many traditional email filtering techniques do not detect or block them, he said.
Spam now makes up close to 90 percent of all global email, representing billions of spam messages each day. Most spam is generated automatically through botnets - networks of PCs that have been taken over by attackers.
Related News:
Email filtering still top priority - 3.18.2010
Despite the recent success authorities have enjoyed in shutting down certain major botnets such as Waledac and Mariposa, the BBC recently reported that spam levels have not faltered greatly and the threat of infection from the tainted messages is still very real.
Social networking games profting from malware, moving to iPhone - 3.15.2010
Games like Farmville and Mafia Wars have become increasingly popular on popular social networking sites like Facebook. For users who pay for the service, the threat of malware and spam is minimal. However, those who provide contact information and fill out surveys in exchange for points in the games open themselves up to scareware, spam and other problems.
Web security breaches rock Hotmail - 3.12.2010
Users of Microsoft's free email service are advised by the Redmond, Washington-based software giant to change their passwords and be vigilant as an increase in spam activity on the site has led to web security breaches.
Spam won't go away, but it can be avoided - 3.10.2010
Email filtering works to an extent in ridding computers of spam, but those pesky emails offering millions of dollars for nothing and inexpensive prescription drugs always seem to find a way through even the most stringent filters.
Spammer arrested on extortion charges - 3.9.2010
A California man was arrested and charged with extortion following a threat he made to insurance company New York Life to send spam emails aimed at hurting the company's reputation. Anthony Digati of Chino, California also planned to send spam to the company in hopes of receiving $200,000.
|
