EmailSafety.net - As image spam declines, PDF spam ready to take its place

As image spam declines, PDF spam ready to take its place

Anti-Spam Software

What is Spam?

Spam Laws

Spam Facts

User Tips

Common Email Scams

What Are Visuses?

Virus Prevention Tips

Anti-Virus Software

Basic Tips

Community

RE: Phishing tool constructs new sites in two seconds

Cisco partner solution catalog bites the dust

Subscribe to the Cisco routing and switching update newsletter

All security forums

Story tools

Sponsored by:

E-Mail article
Print article
Contact author	Reprint
AIM article	del.icio.us
Reddit	Digg
Stumble	Slashdot It!

Image spam, which has plagued antispam filters for the past year, is finally on the decline as e-mail security vendors have tweaked their products to block it, says Paul Henry, vice president of technology evangelism with Secure Computing. Image spam has long fooled filters because the message’s text is embedded in an image found in an e-mail’s body, and filters until recently couldn’t decipher images. At the beginning of July it comprised about 38 % of all spam and is now down to about half that volume, says Henry.

Read the latest WhitePaper - IDC White Paper: Storage Encryption: Implementing the Linchpin of Data Security

Stats from Symantec also show the volume of image spam, which the company says began to decline in May, has continued to shrink from its all-time high of 52% of all spam sent in January.

“Image spam does seem to be decreasing … Antispam software, RBLs [real-time black lists] and other filtering techniques have done a good job at decreasing the previous spammers’ attempts; it is now time for them to find a new avenue to annoy us,” says Jim DeSantis, enterprise messaging architect with Abhir Technical Consulting.

Beginning to take image spam’s place is PDF spam, where the spammer sends an e-mail message with a PDF attached – which most spam filters can’t read – that attempts to convince the recipient to purchase stocks. So far security vendors are reporting two types; a professional-looking PDF of a newsletter pumping a German company’s stock that security company IronPort says was sent more than 5 billion times in its first few days, and a more rudimentary PDF attachment containing text that pumped a stock which Symantec says was sent to more than 30 million users over a 10-day period in late June.

So far, PDF spam isn’t approaching the volumes that image spam has enjoyed – Secure Computing’s Henry says in early July it accounted for about 4% of all spam sent – yet this new spam trick could prove to be significantly more malicious. Henry says proof-of-concept code exists that demonstrates security vulnerabilities in PDF files, which means PDF spam could carry malware that is secretly downloaded on the recipient’s PC. Image spam was only dangerous to those recipients who bought the stock that messages were touting and likely lost money on it.

1 | 2 | Next >

Recent News:

· The State of Spam: What to Expect in 2009
· Twitter hit with phishing scam
· Psychic predictions for tech in 2009
· Watch out for hidden cookies
· Microsoft downplays Windows Media Player bug

Site Map | Recent News | Related Sites

Other stories on this topic

Community

Story tools

Sponsored by: