Application security, Incident Response, Malware, Phishing, TDR

Cybercrooks beating CAPTCHA to send more spam

Spam originating from popular webmail services are spiking now that junk mailers have found ways to evade the challenge-response requirements for opening an account, a new study from email security firm MessageLabs reveals.

According to the company's Intelligence Report for February, 4.6 percent of spam originates from webmail-based services, notably Yahoo, Hotmail and Gmail. While Yahoo still remains the most targeted webmail provider - accounting for 88.7 of all webmail spam - the amount of spam being sent through Gmail doubled from 1.3 percent in January to 2.6 percent in February.

Experts attribute the overall increases in webmail spam traffic to attackers being able to crack the  CAPTCHA functions, an authentication test that ensures the person signing up for the email account is a human - not a bot - by requiring he or she enter in a random number or text image.

Matt Sergeant, senior anti-spam technologist at MessageLabs, said spammers are creating and using artificial intelligence software that can understand and read CAPTCHA tests.

"This is something fairly new in terms of the spammers actually succeeding with this," he said. "They've put their minds to it. The spammers aren't dumb. They have the technology and once they put their minds to something, they can build it."

It appears Gmail's and Hotmail's CAPTCHA authentication tools have been more difficult to beat than Yahoo, so some spammers are now actually hiring individuals to manually perform the CAPTCHA tests on new email accounts, Sergeant said.

"They (spammers) are using botnets to sign up for Gmail, but they can't complete the transaction," he said. "They can't programmatically beat CAPTCHA, so to close the loop, they have a room full of humans that send the CAPTCHAs. It must be a very boring world. I feel very bad for those people."

According to Webense, spammers are also beginning to have at least some success automatically defeating the Gmail CAPTCHA algorithm.

A Google spokesman told SCMagazineUS.com in an email that the company immediately disables any accounts being used to distribute spam.

Representatives from Yahoo did not  respond to a request for comment.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.