Spam Is Back With a Vengeance

By Allen Bernard

(Back to article)

According to industry experts quoted last week on CIO Update, cyber-crime is due for a rapid increase in the coming months and new reports from a pair of security vendors on Monday seems to back up those claims.

On Monday, Postini, a provider of on-demand integrated message management services, announced that spammers are out in full force. Postini processed nearly 70 billion email connections from September to November; logging a 59% spike in spam over that period.

This means unwanted email is currently 91% of all email and, over the past 12 months, the daily volume of spam has risen by 120%. Postini also recorded a dramatic increase in overall email traffic with 10 billion more connections in October than in September.

Other Security Articles on CIO Update
Malware Metamorphosing, But This Ain't No Butterfly

The Best Defense Against Social Engineering

Zombies Control Half of Windows PCs

FREE Tech Newsletters

"Of our 10 million users the average person receives about seven desired messages from the Internet every day. Exiting the month of October we were blocking for those same average uses 77 spams," said Daniel Druker, executive vice president of marketing at Postini.

Spammers are now using massive networks of hijacked computers called bot-nets to initiate aggressive attacks. Postini is tracking more than one million bots that are coordinating spam and virus attacks each day, with 50,000 or more active at any instant, said Druker.

This tracks well with what Message Labs said last week in their interview with CIO Update. They also are tracking a bot-net composed of over a million bots poised to be unleashed on the Internet. Control of this network is concentrated in eastern Europe.

The use of bot-nets "is exploding as a trend," said Druker. "This has been going on for a while but it's gotten a lot bigger in the last year. In the last year, we've clearly seen a shift from marketers trying to sell you Viagra to clearly criminal enterprises, criminal networks."

Postini's anti-virus technology also blocked over 31 million viruses for October. The Stration virus, also known as Warezov, was particularly active and aggressive in October, the company said in a release. This Trojan virus is designed to take over target computers, harvest email addresses and turn infected computers into spam-spewing bots.

Security vendor Sophos also reported on Monday that the U.S. is the No.1 generator of spam because of its high number of compromised PCs.

"In the past, hackers had relied on vulnerabilities in the operating system to convert clean machines into Zombies, however, recently we have witnessed the resurgence of malware in this process, said Ron O'Brien, senior security analyst at Sophos.

"Hackers are using it to trick users into running malicious code and opening the backdoor of the network to vulnerabilities. The steady increase in the volume of spam seen traveling across the net is directly related to the enormous rise in Stratio worm strains in recent months."

Along with the potential for more and varied criminal activity including cyber-extortion, spam today is increasingly made up of Word documents and images. A trend Sophos also identified on Monday.

This is bogging down the Internet as a whole and making corporate communication via email more and more expensive to manage and maintain.

"The character of this has changed quite a bit in the last year. Something called image spam and document spam has exploded," said Druker. "Typically those are stock pumping schemes or phishing schemes … that's up from minimal last year to 30% of all traffic today."

Hackers now use techniques such as re-arranging as many as 25 tiny images into a message in an HTML email or using animated GIF attachments to bypass optical character recognition technology in an effort to bypass email security systems. Infected computers are now also re-trying temporarily blocked email connections just like real mail servers do.