MessageLabs: 20 percent of image spam uses PDFs

Share this article:

One of five image spam emails captured during July contained a scam PDF document, according to research released this week by messaging security vendor MessageLabs.

The company concluded that the technique has been adopted by professional spammers, due to the use of sophisticated techniques, such as attaching a unique randomized and non-text-based PDF to every spam email, as well as the use of random page sizes.

What MessageLabs considers amateur PDF spam emails contain documents created with Microsoft Word that use the same PDF for an entire spam run, according to MessageLabs, which has its U.S. headquarters in New York.

Paul Wood, senior analyst at MessageLabs, told SCMagazine.com today that researchers have noted a change in PDF image spam in recent months.

"I think that this has been an evolution that’s really kicked off over the past couple of months," he said. "The assumption is that the PDFs are legitimate files that people are sending around, and spammers don’t usually go to those lengths."

Research found that more than 28 percent of July malware was new, a 10 percent increase in that category from June, and that nearly 90 percent of web-based viruses and 62 percent of spyware was unclassified. The organization said that it identified and blocked nearly 1,000 new sites last month.

The global ratio of spam in email traffic, however, decreased by 1.4 percent since June, while phishing attacks rose by 0.09 percent.

Mark Sunner, MessageLabs’ chief security analyst, said that spammers may soon use the technique to spread malware.

"Though PDF files have traditionally been a trusted type of email attachment, we are beginning to see an increase in use for sinister activity," he said. "With a nearly 10 percent increase in malware this month, we believe this threat could become more malicious with the potential for spammers to embed malware in the PDFs, which would be automatically downloaded to the victim’s computer."

The study reinforces other research claiming that spammers are increasingly switching from traditional image spam to junk emails containing attachments for pump-and-dump scams.

Commtouch’s lab disclosed this week that it has witnessed a spike in spam using ZIP files as attachments.

Spammers are also increasingly using Excel attachments, according to various messaging security vendors.

 

Click here to email Online Editor Frank Washkuch Jr.

Click here for the latest SC Magazine Podcast – July 30, 2007: Is the iPhone an IT security threat?

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.