backtop


Print 40 comment(s) - last by Cullinaire.. on Nov 20 at 1:20 AM


Day-to-day levels of image spam in September and October 2006
It's like the FBI's most wanted list for spam

Spamhaus, an international non-profit organization whose mission is to track the Internet's Spam Gangs, has released list of the top 10 spam offenders of the year.

 

Of all Internet Service Providers (ISP) in the world, Verizon Business is the number one offender on the list with almost triple the number of current known spam issues as its competitor SBC Communications.

 

Given that the most spammy ISPs are American, then it should come as no surprise that the United States leads all other countries with 1,983 current known spam issues. The next country in line is China with 304 known issues.

 

The worst spammers, however, are a different geographic picture, with the top (dis)honor going to Alex Blood of the Ukraine. Out of the top 10 spammers list, more than half were from Eastern Europe. The U.S. made the list twice at spots third and tenth.

 

Sophos, another company specializing in IT security, has published its own report on the top 12 spam relaying countries over the third quarter of 2006. Sophos’ results differ slightly from those of Spamhaus’, though the leading nations of the United States and China maintain their spots in both.

 

The United States relays 21.6 percent of the world’s spam, with China at 13.4 percent. The next two closest countries are France and South Korea, both at a comparatively lower 6.3 percent.

 

"Most unsolicited emails are now sent from zombie PCs - computers infected with Trojans, worms and viruses that turn them into spam-spewing bots. In the past hackers were very reliant on operating system vulnerabilities to convert an innocent computer into a zombie - now they are turning back to malware to trick users into running their malicious code, and opening the backdoor to hackers," said Carole Theriault, senior security consultant at Sophos. "Hundreds of new versions of the Stratio worm have helped steadily increase the volume of spam seen traveling across the net."

 

Embedding images is the latest tactic employed by spammers, and accounts for nearly 40% of all spam. Since many spam filters work by analyzing text, images have a greater chance of passing through undetected. Animated gifs also pose additional challenges for spam filters with its multiple layers of images.

 

Spammers are turning to new tricks in order to acquire email addresses. According to the Sophos report, the first asks recipients to forward their chain emails for a fake research project, while another campaign encourages users to visit a video tribute website, which then requests their email address in order to view the full video.

 

"Integrated anti-malware and anti-spam protection is getting the better of illegal spam peddlers - forcing them to get more creative and crooked. However, if people are playing their security cards right, the spammers' efforts will still be in vain," continued Theriault. "What's most surprising is that those behind these intrusive emails continue to take their chances, despite hefty fines and sentences being dealt out to guilty spammers around the world."



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Pretty exact...
By Hoser McMoose on 11/17/2006 5:19:11 PM , Rating: 2
quote:
Also can you contain a dangerous code inside a image or is that too far-fetched?


A few years ago I would have laughed and said it was too far fetched, but history has proven otherwise. There have already been at least a couple of remote-exploit vulnerabilities that made use of bugs in how images were displayed. The first one was really scary because along with using this exploit a malicious hacker also hijacked a banner-ad site and loaded these exploit images there. As such, just visiting a fairly benign site (I beleive www.theregister.co.uk was hit, among others) could result in your system being hacked. Not nice at all!

What's probably a more common concern is tracking images. These are really just bits of HTML code which request a specific "image" file, but the file name or some extension are just used to specifically track a particular e-mail. The idea is that by opening your e-mail and having it display this "image", it will send a unique reply back to the spammer letting them know that your e-mail is active and you open spam messages.

As for spam filtering, fortunately it's getting pretty good. I'm using Yahoo and I get about 10-20 spam messages as day, but probably about 99% of them get filtered. The bigger worry for me is always false positives. In my mind a spam filter is complete pointless if you still have to go through your Junk Mail folder manually and check for false positives, so I would MUCH rather a slightly lower detection rate while being able to silently delete the obvious spam. Early on Yahoo was bad for false positives, but they've gotten a LOT better. I am still a bit concerned though, so I have auto-delete turned off for the moment. If I don't see any false positives before the end of the year I'll probably consider it safe to turn auto-delete back on.


"What would I do? I'd shut it down and give the money back to the shareholders." -- Michael Dell, after being asked what to do with Apple Computer in 1997











botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki