By Gregg Keizer
Dec 7, 2006
The torrent in spam that started in October may slow slightly after the
first of the year, but users should expect more junk mail than ever in
2007, a messaging security company predicted Thursday.
Spam volume is up 73% in the last three months, Postini reported, thanks
to a one-two-three punch of a huge increase in the number of spam
botnets and a major jump in the use of both image- and document-based
spam. For the year, spam quantity is up 143%.
"It's a triple threat, a perfect storm," says Dan Druker, a Postini
executive VP. "Spammers are using much more difficult [to stop]
techniques than in the past, and the botnets are much bigger." Some days
in November, Postini, which offers enterprises managed antispam
services, counted a million different IP addresses bound to incoming
"The character of what they're sending has also changed," charges
Druker. Like other spam experts, Druker notes a big bump in image-based
spam, junk mail that abstains from using text, which antispam software
analyzes, and instead plants the message in an image. Sniffing through
huge quantities of image spam, says Druker, is almost impossible for
local antispam defenses, whether appliance- or software-based.
According to Postini's data, image- and document-based spam (the latter
is when a junk mailer tucks the marketing message inside a document
attached to a message) accounted for as much as 45% of all spam in the
fourth quarter, up from less than 2% a year ago.
"The combination of the [high] volume and the type of spam now coming in
is what's causing companies' defenses to melt down," Druker says. "They
just can't keep up with the rising tide."
Although an increase in spam is normal during the fourth quarter, the
current crush of junk mail is definitely out of the ordinary. That means
come 2007, users will be living with more spam than ever. "[The volume]
will drop off a little bit, but the [spam] graphs will be taller and
broader than ever before next year," says Druker.
While the war against spam may not be lost, as other experts have
claimed, Druker paints an ugly picture for 2007. "The more high-speed
connections and the more Windows PCs there are gives spammers that much
more raw material," he says. "Until home PCs get locked down, I don't
see attacks going down. Only when [consumers] start locking down their
computers will we see a big difference."
Millions of PCs, the majority of them machines in non-business settings,
have been hijacked and forced to send spam by a new wave of malware,
including the prolific Stration (aka Warezov) line, which first made an
impression on security vendors in October. "Worm attacks are now
predictive of massive spam attacks," Druker says. "Massive botnets give
spammers an unlimited free capacity to send billions of messages."
In particular, the large increase in botnet use by spammers has made
some antispam tactics, such as blacklisting specific IP addresses,
Druker's dim prognosis is at odds with forecasts made as recently as
earlier this year, and as far back as January 2004, when Microsoft
chairman Bill Gates swore that spam would be licked within two years.
"Everyone thought this was a solved problem," says Druker. "But now it's
the worst it's ever been."