AOH :: ISNQ3316.HTM

Spam Soars, Expect Worse In 2007




Spam Soars, Expect Worse In 2007
Spam Soars, Expect Worse In 2007



http://www.informationweek.com/news/showArticle.jhtml?articleID=196602463 

By Gregg Keizer
InformationWeek
Dec 7, 2006

The torrent in spam that started in October may slow slightly after the 
first of the year, but users should expect more junk mail than ever in 
2007, a messaging security company predicted Thursday.

Spam volume is up 73% in the last three months, Postini reported, thanks 
to a one-two-three punch of a huge increase in the number of spam 
botnets and a major jump in the use of both image- and document-based 
spam. For the year, spam quantity is up 143%.

"It's a triple threat, a perfect storm," says Dan Druker, a Postini 
executive VP. "Spammers are using much more difficult [to stop] 
techniques than in the past, and the botnets are much bigger." Some days 
in November, Postini, which offers enterprises managed antispam 
services, counted a million different IP addresses bound to incoming 
junk mail.

"The character of what they're sending has also changed," charges 
Druker. Like other spam experts, Druker notes a big bump in image-based 
spam, junk mail that abstains from using text, which antispam software 
analyzes, and instead plants the message in an image. Sniffing through 
huge quantities of image spam, says Druker, is almost impossible for 
local antispam defenses, whether appliance- or software-based.

According to Postini's data, image- and document-based spamthe latter is 
when a junk mailer tucks the marketing message inside a document 
attached to a messageaccounted for as much as 45% of all spam in the 
fourth quarter, up from less than 2% a year ago.

"The combination of the [high] volume and the type of spam now coming in 
is what's causing companies' defenses to melt down," Druker says. "They 
just can't keep up with the rising tide."

Although an increase in spam is normal during the fourth quarter, the 
current crush of junk mail is definitely out of the ordinary. That means 
come 2007, users will be living with more spam than ever. "[The volume] 
will drop off a little bit, but the [spam] graphs will be taller and 
broader than ever before next year," says Druker.

While the war against spam may not be lost, as other experts have 
claimed, Druker paints an ugly picture for 2007. "The more high-speed 
connections and the more Windows PCs there are gives spammers that much 
more raw material," he says. "Until home PCs get locked down, I don't 
see attacks going down. Only when [consumers] start locking down their 
computers will we see a big difference."

Millions of PCs, the majority of them machines in non-business settings, 
have been hijacked and forced to send spam by a new wave of malware, 
including the prolific Stration (aka Warezov) line, which first made an 
impression on security vendors in October. "Worm attacks are now 
predictive of massive spam attacks," Druker says. "Massive botnets give 
spammers an unlimited free capacity to send billions of messages."

In particular, the large increase in botnet use by spammers has made 
some antispam tactics, such as blacklisting specific IP addresses, 
ineffective.

Druker's dim prognosis is at odds with forecasts made as recently as 
earlier this year, and as far back as January 2004, when Microsoft 
chairman Bill Gates swore that spam would be licked within two years.

"Everyone thought this was a solved problem," says Druker. "But now it's 
the worst it's ever been."


_____________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn 
 

Site design & layout copyright © 1986-2014 CodeGods