No, you're not imagining things. You have been getting a lot of
spam lately.
That's because digital miscreants are using contaminated images
and stealthy malware to unleash unsolicited email at unprecedented
levels, according to new research from San Carlos, Calif.-based
Postini Inc. and UK-based Sophos. Attackers use these tactics to
hijack computers and turn them into spam relays, often without the
user's knowledge.
"Bot activity is the major driver here," said Daniel Druker,
Postini's executive vice president of marketing. "Bot-infected
machines become part of these zombie PC armies that are used to
push out spam."
Postini has watched spam levels spike by nearly 60% in the last
eight weeks, and Druker said 91% of all email is now spam. Over the
past 12 months, the daily volume of spam rose by 120%, he added.
Postini monitors 10 million users across 36,000 businesses
worldwide. Of that number, the average user gets seven wanted
emails a day, while Postini blocks 77 unwanted emails a day.
"That's for the average user," he said. "This is an all-time
high, and it shows that spammers are increasingly aggressive and
sophisticated in their techniques."
Postini has tracked more than a million bot-infected computers
that coordinate spam and malware attacks each day. About 50,000 of
these machines are active at any given moment, Druker said.
He added that spammers are also continuously evolving their
tactics. Spam that includes contaminated images and Microsoft
Office documents now accounts for as much as 30% of all junk
messages, up from 2% in 2005.
"Hackers now use techniques such as rearranging as many as 25
tiny images into a message in an HTML email or using animated .gif
attachments to bypass optical character recognition technology in
an effort to bypass email security systems," Druker said.
The company also found that spam surges are almost always tied
to malware outbreaks. "A few weeks after a virus outbreak we see a
big uptick in spam," he said.
The overall nature of spam has also changed, he said. Spam used
to be the product of annoying but relatively harmless marketers.
Now it's being produced by organized criminal operations.
"The economics are clearly in favor of the bad guys because it
costs nothing to make a virus and spam run. But for businesses it's
very costly," Druker said. "Spam isn't just clogging email servers.
It's coming embedded with malicious links that can be used to
infect the network. Phishing and other fraud is a huge factor --
spamming out URLs that could be used to steal your personal data or
infect your machine."
Sophos Senior Technology Consultant Graham Cluley agreed with
that assessment.
"The sheer number of compromised PCs means that the amount of
spam flying about the net is higher than ever," Cluley said.
The increased use of image spam is particularly bad, he said,
because antispam filters still struggle to identify and stop
it.
For the third quarter of 2006, Cluley said the top five
spam-relaying countries were:
- United States, 21.6%
- China, 13.4%
- France, 6.3%
- South Korea, 6.3%
- Spain, 5.8%
Sophos concluded that a possible reason for America's increasing
lead in relayed spam when compared to its closest rival, China, is
the emergence of over 300 strains of the mass-spammed Stratio worm.
The worm, also known as Stration and Warezov, "uses a trick
dependent on the victim being able to speak English in its attempt
to convert innocent PCs into members of a spam botnet," Sophos said
on its Web site.
The use of spam containing embedded images currently accounts
for nearly 40% of all spam, by Sophos' count. The vast majority of
that type of spam is being used in "pump-and-dump" stock spam
campaigns.
"This trick gives spammers a better chance of having their
messages read, since images can avoid detection by those antispam
filters that can only analyze textual content," Sophos said.
"Often, image spam is animated to further help the message bypass
the filter. Having multiple layers of images loaded on top of each
other adds noise, which complicates the message by making every one
unique."
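
A filter that cannot read the image can still measure the message's structure: how many image tiles it carries, whether any GIF is animated, and how little text comes with them. The sketch below is an added example, not code from Postini or Sophos; the function names, the thresholds and the constructed sample message are assumptions.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

def gif_frame_count(data: bytes) -> int:
    """Count frames by walking the GIF block structure (no image decoding)."""
    if len(data) < 13 or data[:6] not in (b"GIF87a", b"GIF89a"):
        return 0
    pos = 13 + (3 * (2 << (data[10] & 7)) if data[10] & 0x80 else 0)  # header, LSD, global table
    frames = 0
    while pos + 9 < len(data) and data[pos] in (0x2C, 0x21):
        if data[pos] == 0x2C:                  # image descriptor: one frame
            frames += 1
            lct = data[pos + 9]                # packed field: local colour table flag and size
            pos += 11 + (3 * (2 << (lct & 7)) if lct & 0x80 else 0)
        else:                                  # extension: introducer + label
            pos += 2
        while pos < len(data) and data[pos]:   # skip data sub-blocks
            pos += 1 + data[pos]
        pos += 1                               # sub-block terminator
    return frames

def image_spam_features(raw: bytes) -> dict:
    """Structural features of image spam; the thresholds are assumed, not measured."""
    images = animated = img_tags = words = 0
    for part in message_from_bytes(raw, policy=policy.default).walk():
        ctype = part.get_content_type()
        if ctype.startswith("image/"):
            images += 1
            animated += gif_frame_count(part.get_payload(decode=True) or b"") > 1
        elif ctype in ("text/plain", "text/html"):
            body = part.get_content()
            img_tags += len(re.findall(r"<img\b", body, re.I))
            words += len(re.sub(r"<[^>]*>", " ", body).split())  # visible text only
    return {"images": images, "img_tags": img_tags, "animated_gifs": animated, "words": words,
            "suspicious": animated > 0 or (max(images, img_tags) >= 5 and words < 20)}

def sample_message() -> bytes:
    """Constructed sample: HTML body that is a mosaic of six two-frame GIF tiles."""
    frame = b"\x2c" + bytes(4) + b"\x01\x00\x01\x00\x00" + b"\x02\x02\x4c\x01\x00"
    gif = b"GIF89a\x01\x00\x01\x00\x00\x00\x00" + frame * 2 + b"\x3b"
    msg = EmailMessage()
    msg.set_content("view images")
    msg.add_alternative("".join(f'<img src="cid:t{i}">' for i in range(6)), subtype="html")
    for i in range(6):
        msg.get_payload()[1].add_related(gif, "image", "gif", cid=f"<t{i}>")
    return msg.as_bytes()

if __name__ == "__main__":
    print(image_spam_features(sample_message()))
```

Such features survive per-message pixel noise because they describe the container rather than the picture, but they are only one input to a score: legitimate newsletters also carry many images.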