Spam is reaching unprecedented levels according to a survey released earlier this month by Internet security vendor Postini. The firm reported a 59 percent increase in spam from September to November, when it processed nearly 70 billion e-mail connections. Unwanted e-mail has now reached a whopping 91 percent of all e-mail, it said.
By most measures, spam has been increasing steadily. Postini, for instance, noted that daily volumes rose by 120 percent over the last 12 months. Still, a 59 percent spike over a three-month period is significant, although Postini also noted that e-mail traffic in general rose during the same time period, registering 10 million more connections in October, compared to September.
“Spammers are increasingly aggressive and sophisticated in their techniques, and protection from spam has become a front-burner issue again,” said Daniel Druker, executive vice president of marketing at Postini.
Not surprisingly, spammers are continually refining their techniques to sneak by antivirus and anti-spam applications. One tactic is the massive use of hijacked computers to initiate attacks. Postini estimated there are more than 1 million infected computers coordinating spam and virus attacks each day, with 50,000 or more active at any time.
Reducing the number of bot-infected PCs will go far in eliminating the problem, Randy Abrams, director of technical education at ESET, told TechNewsWorld.
Other tactics spammers use include the use of image spam and MS Office document spam, which Postini said now make up as much as 30 percent of all junk messages, up from 2 percent in 2005. Another favored attack technique is the use of animated GIF attachments that bypass optical character recognition security technology. Also, infected computers are being programmed to retry temporarily blocked e-mail connections just like real mail servers do, Postini claimed.
Image-Based and Other Tricks
Image-based spam and the use of animated GIF images are the latest twist in the spammer versus antivirus vendor wars, agreed Gunter Ollmann, director of X-Force at ISS. “Using multiple frames makes it a lot harder for optical character recognition technology to work,” he told TechNewsWorld. Another, even more recent development, he added, is the use of animated space that uses transparent layers. “Half of the words are on one frame, the other half on another,” Ollmann explained.
Even as they bemoan these trends, antivirus vendors also point to new technologies and strategies that they use to stay ahead of spammers.
The most effective spam-blocking technique at this time is greylisting, according to Andreas Huttenrauch, a director of Globi Web Solutions, although it is not widely known or used. “Greylisting effectively forces the sending server to retry a second time, which most spam servers do not do,” he told TechNewsWorld.
Also, Microsoft has just introduced their Sender ID Framework to reduce spam, he continued. “This system relies on servers ‘knowing each other’ before accepting e-mail. If it is widely adopted, this could reduce world-wide spam tremendously.”
The ability of ISPs to block spam could be the most effective approach, Abrams said.
“However, for this to work, ISPs will need to be able to quarantine bot-infected PCs. This can be very difficult to do in countries such as France, where laudable privacy laws make it difficult to legally filter traffic in search of indicators that a customer’s PC is part of a botnet. That said, there is still a lot that ISPs can do to help mitigate the botnet problem, but customers are going to have to be willing to pay higher costs for their Internet access,” he added.
Behavior modification on the part of some e-mail users would also be necessary. “As long as people buy the spammed products, the spammers will adapt to anti-spam measures, as the only highly effective way to combat spam is to remove the profit from it,” Abrams concluded.
80 Percent and Counting
The proportion of spam to legitimate e-mail is around 80 percent, Huttenrauch estimated — still a high enough level to cost the economy billions in lost productivity, bandwidth and storage, and the manpower to fight the problem, he said.
“The people who suffer the most are small businesses, and individuals who cannot afford the industry-strength solutions [or] don’t have the technical know-how to implement them,” he claimed.