E-mail security firm SonicWall says PDF-, Excel- and Zip-based spam is on the increase.
During the second quarter of 2007, PDF spam emerged as a persistent threat, said the supplier. These types of e-mail attacks typically contain little or no text in the body, but an attached PDF file containing malicious code.
SonicWall says the widespread adoption of PDF spam illustrates the adaptability of spammers in finding new techniques to counteract image-spam prevention techniques.
"PDF spam demonstrates the continued innovation in spam techniques that attempt to bypass anti-spam detection and trick employees into opening e-mails that give the appearance of legitimate business letters," said Andrew Klein, senior product manager for SonicWall's e-mail security division.
"PDF spam is effective because files in PDF format have long been considered an acceptable way for businesses to transfer information. Much like phishing e-mails, spammers have manipulated the trust factor to get past both technical and psychological defences," he said.
More recently, SonicWall has detected an increasing amount of Excel and ZIP file spam.
Klein said, "Think about how many times you have fired off a PDF or ZIP file to someone with no message or a simple note along the lines of 'here it is'. Spammers are mimicking this behaviour."
As a result, he said, it is difficult to educate email users as to which emails to open and which to ignore.
Comment on this article: firstname.lastname@example.org