Online Spam Is Getting Worse

Published: Tuesday, October 17, 2006 Online-Casinos.com

ONLINE SPAM GETTING WORSE

Most spam is generated by zombies, and eBay and Paypal are the main phishing targets


According to an analysis released by the Israeli specialist technology company Commtouch Software Ltd this week, Internet spam attacks - and in particular image spam and zombie-generated spam - grew during the third quarter of 2006, achieving new and alarming levels of 3.5 million attack patterns in a single day. Each attack pattern is typically comprised of tens of thousands of emails.

With over 15 years experience in the field, Commtouch Software Ltd., is geared to protect and preserve the integrity of email communications, using proprietary and specially developed messaging software, anti-spam and Zero-Hour virus protection solutions. Using core technologies including RPD (Recurrent Pattern Detection), the Commtouch Detection Center analyses billions of email messages every month to identify new spam and malware outbreaks within minutes of their introduction into the Internet.

Image spam becoming more common

At 30 percent of all spam, Image spam increased in number and severity during the quarter, reaching as high as 50 percent of all spam in peak distribution timeframes.

Image-spammers added new complexity to their wares during the quarter, coming out with animated images distributed on a massive scale for the first time. These animated images are typically comprised of three to seven individual frames that play in repetition, similar to a movie. The main message is in a single frame that appears for the longest time - around 25 seconds - and the other frames contain either subliminal messages (e.g. "buy ... buy ... buy ...") or random pixels to attempt to fool anti-spam technologies.

Animated image spam typically weighs 44KB, around eight times the size of regular textual spam, which averages around 5.5KB.

Based on Commtouch's analysis, on average, image-based spam accounts for 30 percent of all spam. Since it is typically five to eight times larger than text spam, total bandwidth consumption and redundant storage necessitated by spam has more than doubled since the beginning of the year.

"The bandwidth and storage requirements of such resource-intensive spam weighs heavily on most IT organizations," said Amir Lev, Commtouch's CTO. "In addition to the sheer size of each individual message, the spam messages are sent in enormous quantities, which can overload an enterprise if it is not using an anti-spam engine that knows how to identify and block them."

Spammers have also started using images in PNG format, where previously they were using only GIF images. This is another method to try to bypass anti-spam filters.

Spam Distribution Networks Growing as Zombies Take Over Home PCs

Zombie networks or 'botnets' have grown in size and severity throughout the quarter, as well. Commtouch research identified hundreds of thousands of newly activated zombie machines each day throughout the third quarter. Zombies are typically compromised home computers with a broadband connection to the Internet. Commtouch research found that on average, 85 percent of spam messages sent during the third quarter of 2006 were sent via zombie-infected computers without the knowledge of the owners.

"Zombie networks are impossible to block out by traditional 'blacklisting' since they are constantly changing," Lev commented. "They are like the fireflies of the spam universe - the zombie is born when the computer gets infected by rogue software, but it only remains active for a short time from the same IP address. Only a real-time detection engine can provide effective protection against zombie-generated spam messages."

What's All the Spam About?

Spam touting penny stocks has been increasing in the last several quarters due to recent barrages of image-based spam. Stock scams are tailor-made for image-based spam, since they do not require any hyperlinks to spammer web sites, instead simply directing the reader to purchase the stock. Below is the breakdown of the most pervasive content of spam messages for the third quarter of 2006:

Pharmaceuticals : 27 percent
Stock/Shares : 18 percent
Sex Enhancers : 12 percent
Finance/mortgages : 11 percent
Gambling : 11 percent
Pornography : 6 percent
Other : 15 percent

Watch out for the Phishers

Phishing, i.e. attempted fraud via email, is rising with the ever-rising tidal wave of spam. Commtouch research shows that during the third quarter, nearly half of all phishing attempts preyed on account holders in eBay or Paypal, divided nearly equally between the two (24 percent eBay, 24 percent Paypal).

Phishing email messages typically use social engineering tactics to make the reader believe that they are viewing a legitimate communication from a financial institution. Then users are lured into providing their usernames and passwords by "logging in" to the fictitious site which they access by clicking a hyperlink in the email.

"Regardless of the anti-spam legislation in effect in many countries, we see that the spam problem is getting worse with each passing day," claims Lev. "Double-digit percentages of image-based spam, enormous zombie spam networks, growth in phishing attempts - it all points to the fact that legislation alone can never solve the problem. The answer is rooted in technology-based filtering and blocking."

Commtouch RPD technology for fighting spam and email-borne malware relies on analysing distribution patterns of billions of email messages to block phishing attempts and image-based spam effectively.

Integrated by more than 50 OEM partners, Commtouch technology protects thousands of organisations, with over 50 million users in over 100 countries. Commtouch is headquartered in Netanya, Israel, and has a subsidiary in Mountain View, CA. For more information, see: www.commtouch.com, including the Commtouch online lab detailing spam statistics and charts.