Bounce-back spam sees 2,000 percent spurt
Wednesday, September 16, 2009
The latest hot trend in spam appears to be email messages that spoof non-delivery reports (NDR), the messages users receive when their email bounces back from a non-existent email address or system failure.
Last month, spam messages resembling NDRs exploded by 2,000 percent from the rate of the first six months of the year and made up 20 percent of all spam email in August, according to email security experts at Panda Security.
NDR messages are usually legitimate, but this mail server function is being exploited by spammers using the sender's real name, Panda reported. Spam content is sent as an attachment to the fake NDR.
According to Luis Corrons, technical director of PandaLabs, "there is presently no consensus on whether NDRs are a technique to evade anti-spam filters or a collateral effect of dictionary attacks; either way, this technique is now among the most widely used."
Since most NDRs are legitimate emails and part of the mail server functionality, many traditional email filtering techniques do not detect or block them, he said.
Spam now makes up close to 90 percent of all global email, representing billions of spam messages each day. Most spam is generated automatically through botnets - networks of PCs that have been taken over by attackers.
Related News:
Spam won't go away, but it can be avoided - 3.10.2010
Email filtering works to an extent in ridding computers of spam, but those pesky emails offering millions of dollars for nothing and inexpensive prescription drugs always seem to find a way through even the most stringent filters.
Spammer arrested on extortion charges - 3.9.2010
A California man was arrested and charged with extortion following a threat he made to insurance company New York Life to send spam emails aimed at hurting the company's reputation. Anthony Digati of Chino, California also planned to send spam to the company in hopes of receiving $200,000.
Email filtering recommended as Spamhaus releases spam blacklist - 3.2.2010
Spamhaus, a spam tracking website, has released a list of the worst offenders by domain named currently operating on the web on its domain block list. Aside from being a nuisance, spam is one of the easiest ways for cyber criminals to compromise web security.
Experts doubt Microsoft's claim of reduced spam - 2.25.2010
Computer World reports that several security professionals have contested Microsoft's claims that the company's destruction of the Waledac botnet will alleviate spam spread throughout the web.
Judge: spamming plea warrants jail time for infomercial king - 2.25.2010
Kevin Trudeau, notorious hawker of books boasting natural remedies and memory boosting programs on late-night television, was recently sentenced to 30 days in jail for asking his followers to spam a Chicago judge overseeing a case between Trudeau and the Federal Trade Commission.
|
