News

Report: Spam Levels Continue To Surge

Spam levels have always comprised the bulk -- the overwhelming majority, in fact -- of all corporate e-mail. Last month, according to Symantec Corp. subsidiary MessageLabs, the spam tally surged even more, eclipsing 90 percent of all business e-mail. That was an uptick of 5.1 percent in just one month.

What happened in May to encourage such an increase?

MessageLabs ascribes the surge to the persistence of botnets. More than half (57.6 percent) of spam is generated by such networks, MessageLabs officials said, with the Rustock and Bagle botnets, in particular, accounting for more than one-fifth of all spam. Both networks are heavily based in the Americas (the single largest botnet, Donbot, is most active in Asia).

The Americas, and the United States in particular, are disproportionately popular spam targets. Spammers largely hew to GMT -5 or GMT -8 clocks, MessageLabs found; most spam is sent during the U.S. work day.

Thanks to ever greater CAPTCHA-cracking success, spammers have been able to more effectively exploit webmail services or social networking sites.

"Active profiles on social networks are goldmines for spammers to lure unsuspecting users. All spammers use is a subject line and a valid hyperlink to active profiles on one of a number of major social networking sites," a MessageLabs release indicated. "These e-mails originate from legitimate addresses on some of the main webmail providers making them harder to catch by regular anti-spam filters."

The spam watcher also flagged the appearance of a new spin on the always-intriguing "ransom" e-mail exploit -- in this case, Russian language "ransom-style" spam. The content of such messages (e.g., "We know your target audience,/If you want to get to them/Order e-mail distribution from us/Phone XXX/ICQ XXX") doesn't so much amount to a threat as a marketing pitch.

What's intriguing, according to MessageLabs, is that spammers are encoding English language words, phrases or sentences in the Russian (Cyrillic) character set in order to fool spam filtering technologies. When an encoded message is received by an e-mail client, the client will use Roman character analogs to render the Cyrillic characters. "The unneccesary use of another character set to encode the English language subject is purely to hide the true content of the subject of the message, and a technique sometimes used by spammers to avoid content filters."

On the "good news" front, malware traffic was down slightly in May, dropping 0.01 percent from April levels. (This number reflects the global ratio of e-mail-borne viruses from "new and previously unknown" sources, according to MessageLabs.) For the month, exactly 7 percent of all e-mail malware featured links to malicious Web sites. That, too, was a decrease -- in this case, of 6.3 percent -- from April's tally.

The number and variety of phishing attacks increased last month -- albeit by just 0.11 percent -- such that 1 in every 279 e-mails (or 0.36 percent of all e-mails) was a phishing attack of some kind. "When judged as a proportion of all e-mail-borne threats such as viruses and Trojans, the proportion of phishing attacks had remained unchanged at 89.7 percent of all e-mail-borne malware and phishing threats intercepted in May," MessageLabs indicated.

Researchers say both traffic and connection management technologies have had some success in terms of reducing or reining-in spam levels. "Traffic Management continues to reduce the overall message volume through techniques operating at the protocol level," MessageLabs researchers report. "Unwanted senders are identified and connections to the mail server are slowed down using features embedded in the TCP protocol. Incoming volumes of known spam are significantly slowed while ensuring legitimate e-mail is expedited."

Last month, for example, MessageLabs says it processed an average of 3.54 billion SMTP connections per day, throttling back more than half (58.1 percent) of this traffic because it was "unequivocally malicious or unwanted."

Ditto for connection management, which researchers say is an effective tool with which to combat directory harvesting, brute force, or e-mail DoS attacks. In May, MessageLabs rejected an average of 45.1 percent of inbound messages (as originating from botnets or other known malicious senders).

About the Author

Stephen Swoyer is a Nashville, TN-based freelance journalist who writes about technology.

comments powered by Disqus

Reader Comments:

Tue, Jul 28, 2009 OnSeeker http://onseeker.wordpress.com

My best solution anti spam comes from BitDefender! I don't have spam... I really don't and the big thing in this is that I don't get spam on my IM and YM so I'm really SPAMless with BitDefender! It's true that SPAM is getting more and more different but the thing is that the detection rate of spam for BitDefender is excellent so I'm very satisfied. I don't have spam! I recommend it as the best solution ever( and trust me, I tried it all :))

Add Your Comment Now:

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Comment:
Please type the letters/numbers you see above

Redmond Tech Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.