Spam grows as senders use slicker ways to trick users

Whether they are sending out socially engineered messages, moving to new attack vectors such as mobile devices or using botnets to distribute their unwanted emails, spammers are displaying new levels of ingenuity to dupe users, two spam reports released Monday show.

Symantec's MessageLabs Intelligence Report, which analyzed trends so far this month, showed that the amount of spam has jumped nearly five percent since December to about 75 percent of all email -- placing it close to levels right before rogue internet service provider McColo was taken offline.

Going forward, unwanted mail will continue to serve as a vehicle for infecting users, according to new data from Google, as detailed in a blog post.

“If you look back at everything we saw [during 2008], the big takeaway is the unpredictable nature of spam,” Adam Swidler, senior product marketing manager for the Google Message Security team, told 

Blended attacks -- malware distributed through malicious links and attachments sent through spam -- will remain a serious threat, Swidler said. Spam will continue to evolve in sophistication by leveraging social engineering tactics to mimic legitimate emails, such as shipping tracking forms and fake news stories which aim to get users to follow malicious links.

Recent spam campaigns have leveraged current news, such as President Obama's inauguration and the conflict in Gaza.

Spam also will use the current economic crisis as a way to dupe users into clicking through emails sent by get-rich-quick schemers and bogus goods and services companies, he said.

The number of attacks on less popular platforms such as Macs and mobile devices is growing, too, and these attack vectors will attract more attention from spammers this year, Swidler predicted.

Spammers will increase their reliance on botnets, according to the Symantec report. In recent weeks, new botnets have surfaced and some existing botnets have ramped up their efforts.

"We continue to see botnets used in a wide variety of ways including spam campaigns," Andre' Di Mino, co-founder and director at volunteer watchdog Shadowserver Foundation, told Monday in an email. "We do expect to see more sophisticated and robust distribution networks as well as an increase in spam volume (including more targeted campaigns) in 2009. The resurgence of spam and other malicious activity soon after McColo went dark further indicates that the spammers and other criminals have a wide network of services from which to operate."

For IT security professionals trying to protect their organizations from spam, staying current on the most recent version of anti-spam software is essential, Peter Firstbrook, a research director at Gartner, told Monday.

"You shouldn't have to tweak rules and constantly fiddle with settings," Firstbrook said. "If it doesn't work out of the box, look for a better provider."

Firstbrook added that if an organization does not have the time to stay current, it should consider using an on-demand provider. Such services are cost-effective and easy to deploy for organizations under 5,000 employees.
