Spammers bypass filters with anti-phishing tech

Spammers are using technology designed to prevent phishing to beat spam filters.

A report this week by email security company MX Logic suggests that nearly ten percent of spam emails sent contain SPF records.

SPF and other email authentication methods, such as Sender ID and Domain Keys Internet Mail (DKIM), verify the origin of the email sent. But spammers are using the system to fool users and anti-spam filters into believing their messages are valid.

"Spammers continue to leverage SPF and Sender ID with the intention of making their messages appear more legitimate and to possibly avoid having their messages delivered with an onscreen notification that a Sender ID record was not found," said Scott Chasin, chief technology officer at MX Logic. "The strength of these protocols is further compromised by the fact that many legitimate senders have yet to adopt either Sender ID or SPF."

Studying more than 17 million email messages from June 19 to June 25 this year nine percent of mails had a published SPF record, 84 percent of which were spam. Only 0.14 percent of total emails were from domains publishing Sender ID, highlighting low-level uptake of the Microsoft scheme.

Yesterday SC reported Yahoo and Cisco's own email authentication technology has finally been submitted as a standard to the Internet Engineering Task Force (IETF).

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.