TechTarget

Spam is getting more sophisticated, says MessageLabs

A new security study reveals that PDFs are becoming the weapon of choice for malevolent spam senders, as the file format frequently slips past security checks. In another twist, spam is increasingly being despatched to the non- profit sector, as charities and public bodies became more viable targets.

A new security study reveals that PDFs are becoming the weapon of choice for malevolent spam senders, as the file format frequently slips past security checks. In another twist, spam is increasingly being despatched to the non- profit sector, as charities and public bodies became more viable targets.

MessageLabs' Intelligence Report July 2007 noted increased adoption by more professional spammers who are now modifying the PDF files to bypass detection.

"Though PDF files have traditionally been a trusted type of e-mail attachment, we are beginning to see an increase in use for sinister activity," said Mark Sunner, chief security analyst at MessageLabs.

Approximately 20% of all image spam now involves PDFs. These days many PDF documents are created programmatically, with their document protection settings enabled. This gives them a better chance of bypassing detection by typical anti-spam scanners, said the MessageLabs report. They are also more likely to contain 'Bayes Poison,' long lists of randomly selected words never associated with spam, allowing the message to avoid detection.

"With a nearly 10% increase in malware this month, we believe this threat could become more malicious with the potential for spammers to embed malware in the PDFs, which would be automatically downloaded to the victim's computer," said Sunner.

Spammers tweak Storm worm to push PDF spam >>

Comment on this article: computer.weekly@rbi.co.uk

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close