Criminals using MP3 spam to ramp up share prices


Criminals using MP3 spam to ramp up share prices

Nick Booth

Music files are the best tools for criminals to bypass IT security, according to a report by MessageLabs Intelligence.

The security supplier's latest research indicates that MP3 files have now emerged as the most popular enablers of spam campaigns.

"The tool box of spam senders is constantly evolving, but MP3s are now the weapon of choice," said MessageLabs senior analyst Paul Wood. "People know they should not open emails from strangers, but entertainment is the best enticement."

Until recently, PDF files represented the best option for conducting spam campaigns. But as IT security experts become increasingly vigilant in their attempts to filter out these attempts to bypass security, criminals moved on to other media. "Until this year, most spam was text and HTML based, but now they are moving to more compelling media," Wood said.

On October 17, MessageLabs intercepted the first copies of an estimated 15 million e-mail spam run that lasted 36 hours. The audio file consisted of an automated British accented female voice urging people to invest in property shares from Exit Only Incorporated. "You would be surprised by how many people actually fall for a ruse like this," Wood said.

Most spam-enabling MP3 files have names such as Beatles.mp3, Britney.mp3 and Elvis.mp3, MessageLabs says. However, the shelf-life of this criminal tool is limited. "Once people cotton on to this, we expect the next wave of this crime to be tied up with Powerpoint files," Wood said.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy