One of five image spam emails captured during July contained a scam PDF document, according to research released this week by messaging security vendor MessageLabs.
The company concluded that the technique has been adopted by professional spammers, due to the use of sophisticated techniques, such as attaching a unique randomized and non-text-based PDF to every spam email, as well as the use of random page sizes.
What MessageLabs considers amateur PDF spam emails contain documents created with Microsoft Word that use the same PDF for an entire spam run, according to MessageLabs, which has its U.S. headquarters in New York.
Paul Wood, senior analyst at MessageLabs, told SCMagazine.com today that researchers have noted a change in PDF image spam in recent months.
"I think that this has been an evolution that’s really kicked off over the past couple of months," he said. "The assumption is that the PDFs are legitimate files that people are sending around, and spammers don’t usually go to those lengths."
Research found that more than 28 percent of July malware was new, a 10 percent increase in that category from June, and that nearly 90 percent of web-based viruses and 62 percent of spyware was unclassified. The organization said that it identified and blocked nearly 1,000 new sites last month.
The global ratio of spam in email traffic, however, decreased by 1.4 percent since June, while phishing attacks rose by 0.09 percent.
Mark Sunner, MessageLabs’ chief security analyst, said that spammers may soon use the technique to spread malware.
"Though PDF files have traditionally been a trusted type of email attachment, we are beginning to see an increase in use for sinister activity," he said. "With a nearly 10 percent increase in malware this month, we believe this threat could become more malicious with the potential for spammers to embed malware in the PDFs, which would be automatically downloaded to the victim’s computer."
Spammers are also increasingly using Excel attachments, according to various messaging security vendors.
Click here to email Online Editor Frank Washkuch Jr.
Click here for the latest SC Magazine Podcast – July 30, 2007: Is the iPhone an IT security threat?