MessageLabs: 20 percent of image spam uses PDFs

Share this article:

One of five image spam emails captured during July contained a scam PDF document, according to research released this week by messaging security vendor MessageLabs.

The company concluded that the technique has been adopted by professional spammers, due to the use of sophisticated techniques, such as attaching a unique randomized and non-text-based PDF to every spam email, as well as the use of random page sizes.

What MessageLabs considers amateur PDF spam emails contain documents created with Microsoft Word that use the same PDF for an entire spam run, according to MessageLabs, which has its U.S. headquarters in New York.

Paul Wood, senior analyst at MessageLabs, told SCMagazine.com today that researchers have noted a change in PDF image spam in recent months.

"I think that this has been an evolution that’s really kicked off over the past couple of months," he said. "The assumption is that the PDFs are legitimate files that people are sending around, and spammers don’t usually go to those lengths."

Research found that more than 28 percent of July malware was new, a 10 percent increase in that category from June, and that nearly 90 percent of web-based viruses and 62 percent of spyware was unclassified. The organization said that it identified and blocked nearly 1,000 new sites last month.

The global ratio of spam in email traffic, however, decreased by 1.4 percent since June, while phishing attacks rose by 0.09 percent.

Mark Sunner, MessageLabs’ chief security analyst, said that spammers may soon use the technique to spread malware.

"Though PDF files have traditionally been a trusted type of email attachment, we are beginning to see an increase in use for sinister activity," he said. "With a nearly 10 percent increase in malware this month, we believe this threat could become more malicious with the potential for spammers to embed malware in the PDFs, which would be automatically downloaded to the victim’s computer."

The study reinforces other research claiming that spammers are increasingly switching from traditional image spam to junk emails containing attachments for pump-and-dump scams.

Commtouch’s lab disclosed this week that it has witnessed a spike in spam using ZIP files as attachments.

Spammers are also increasingly using Excel attachments, according to various messaging security vendors.

 

Click here to email Online Editor Frank Washkuch Jr.

Click here for the latest SC Magazine Podcast – July 30, 2007: Is the iPhone an IT security threat?

Share this article:

Sign up to our newsletters

More in News

New backdoor 'Baccamun' spreads through ActiveX exploit

Symantec researchers revealed that the backdoor is dropped after attackers exploit a Windows ActiveX vulnerability.

Outdated browsers put U.K. users at risk of malware

A blog post on Check and Secure website said 70 percent of U.K. users haven't fully updated their internet browsers

Survey: 53 percent change privileged logins quarterly

A Lieberman Software survey highlights the issue or poor password management, even among security pros.