MessageLabs: 20 percent of image spam uses PDFs

Share this article:

One of five image spam emails captured during July contained a scam PDF document, according to research released this week by messaging security vendor MessageLabs.

The company concluded that the technique has been adopted by professional spammers, due to the use of sophisticated techniques, such as attaching a unique randomized and non-text-based PDF to every spam email, as well as the use of random page sizes.

What MessageLabs considers amateur PDF spam emails contain documents created with Microsoft Word that use the same PDF for an entire spam run, according to MessageLabs, which has its U.S. headquarters in New York.

Paul Wood, senior analyst at MessageLabs, told today that researchers have noted a change in PDF image spam in recent months.

"I think that this has been an evolution that’s really kicked off over the past couple of months," he said. "The assumption is that the PDFs are legitimate files that people are sending around, and spammers don’t usually go to those lengths."

Research found that more than 28 percent of July malware was new, a 10 percent increase in that category from June, and that nearly 90 percent of web-based viruses and 62 percent of spyware was unclassified. The organization said that it identified and blocked nearly 1,000 new sites last month.

The global ratio of spam in email traffic, however, decreased by 1.4 percent since June, while phishing attacks rose by 0.09 percent.

Mark Sunner, MessageLabs’ chief security analyst, said that spammers may soon use the technique to spread malware.

"Though PDF files have traditionally been a trusted type of email attachment, we are beginning to see an increase in use for sinister activity," he said. "With a nearly 10 percent increase in malware this month, we believe this threat could become more malicious with the potential for spammers to embed malware in the PDFs, which would be automatically downloaded to the victim’s computer."

The study reinforces other research claiming that spammers are increasingly switching from traditional image spam to junk emails containing attachments for pump-and-dump scams.

Commtouch’s lab disclosed this week that it has witnessed a spike in spam using ZIP files as attachments.

Spammers are also increasingly using Excel attachments, according to various messaging security vendors.


Click here to email Online Editor Frank Washkuch Jr.

Click here for the latest SC Magazine Podcast – July 30, 2007: Is the iPhone an IT security threat?

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Beazley: employee errors root of most data breaches, but malware incidents cost ...

Insurance firm Beazley analyzed more than 1,500 data breaches it serviced between 2013 and 2014.

Apple issues seven updates, fixes more than 40 vulnerabilities in iOS 8, OS 10.9.5

Apple issues seven updates, fixes more than 40 ...

In one of its infrequent "Update Surprisedays," Apple plugged holes, boosted security and added features.

Canadian telecom co. Telus unveils first transparency report

The company received more than 100,000 government requests for customer data last year.