Spammers outwitting computer security
August 20, 2007Purveyors are hiding faux greetings, ads in unwanted e-mail.Just when it appeared tech companies had gained the upper hand, spammers have unleashed new forms of the meddlesome e-mail to trick filters.
Spam in the form of popular PDF e-mail attachments and electronic greeting cards is confounding e-mail security systems and annoying consumers. The recent Storm e-mail virus and several pump-and-dump stock scams are clogging inboxes and snookering consumers into downloading malicious software. And it could get worse as the holidays approach, anti-spam experts say.
The trend illustrates the shifting nature of spam's deceptive packaging. As anti-spam vendors come up with solutions, new versions pop up. The most common spam -- which uses images to avoid the detection of spam filters -- is quickly fading because of advances in anti-spam technology.
But spam in PDFs, non-existent in May, now accounts for 8 percent of unsolicited commercial e-mail. Earlier this month, a PDF promoting a pump-and-dump scam contributed to a 30 percent increase in overall spam. It was sent from compromised PCs turned into spam-spreading bots, said security firm Sophos.
Faux electronic-greeting cards, containing links to viruses, also have picked up. Since mid-July, security firm Postini has blocked about 800 million copies of Storm, an e-mail virus masquerading as a greeting card.
"It's a cat-and-mouse game, and PDFs are the latest twist," said Adam Swidler, senior marketing manager at Postini.
Spammers also are beginning to use Excel and zip files.
As spam evolves from text in the body of e-mail to images embedded in attachments, it has become more difficult for filters to identify, said Tom Gillis, co-founder of IronPort Systems, a security company acquired by Cisco Systems. "There is a social engineering element to this. People are more likely to open a PDF file or Excel document, which are more trusted."
Spammers also are leveraging popular online applications to tout ads for everything from stock scams to Viagra. Subscribers to Google's news alerts are beginning to receive links to such ads among their customary news links.
"Spammers make hay with a technique as long as they can," said Doug Bowers, Symantec's senior director of engineering.
Author: Jon Swartz, USA Today