Spam is getting more sophisticated, says MessageLabs

News

Spam is getting more sophisticated, says MessageLabs

Nick Booth

A new security study reveals that PDFs are becoming the weapon of choice for malevolent spam senders, as the file format frequently slips past security checks. In another twist, spam is increasingly being despatched to the non- profit sector, as charities and public bodies became more viable targets.

MessageLabs' Intelligence Report July 2007 noted increased adoption by more professional spammers who are now modifying the PDF files to bypass detection.

"Though PDF files have traditionally been a trusted type of e-mail attachment, we are beginning to see an increase in use for sinister activity," said Mark Sunner, chief security analyst at MessageLabs.

Approximately 20% of all image spam now involves PDFs. These days many PDF documents are created programmatically, with their document protection settings enabled. This gives them a better chance of bypassing detection by typical anti-spam scanners, said the MessageLabs report. They are also more likely to contain 'Bayes Poison,' long lists of randomly selected words never associated with spam, allowing the message to avoid detection.

"With a nearly 10% increase in malware this month, we believe this threat could become more malicious with the potential for spammers to embed malware in the PDFs, which would be automatically downloaded to the victim's computer," said Sunner.

Spammers tweak Storm worm to push PDF spam >>

Comment on this article: computer.weekly@rbi.co.uk


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy